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Abstract 

Data types containing infinite data, such as the real numbers, functions, bit streams and 
waveforms, are modelled by topological many-sorted algebras. In the theory of computation 
on topological algebras there is a considerable gap between so-called abstract and concrete 
models of computation. We prove theorems that bridge the gap in the case of metric algebras 
with partial operations. 

With an abstract model of computation on an algebra, the computations are invariant 
under isomorphisms and do not depend on any representation of the algebra. Examples of 
such models are the 'while' programming language and the BCSS model. With a concrete 
model of computation, the computations depend on the choice of a representation of the 
algebra and are not invariant under isomorphisms. Usually, the representations are made 
from the set N of natural numbers, and computability is reduced to classical computability 
on N. Examples of such models are computability via effective metric spaces, effective 
domain representations, and type two enumer ability. 

The theory of abstract models is stable: there are many models of computation, and 
conditions under which they are equivalent are largely known. The theory of concrete 
models is not yet stable, though it seems to be converging: several interesting models are 
known to be equivalent over special types of topological algebra. We investigate the problem 
of comparing the two types of models and, hence, establishing a unified and stable theory 
of computation for topological algebras. 

First, we show that to compute functions on topological algebras using an abstract model, 
it is necessary that one must use algebras with partial operations and computable functions 
that are continuous and multivalued. This multivaluedness is needed even to compute single- 
valued functions, and so abstract models must be nondeterministic even to compute 
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deterministic problems. Then we choose the ' while'-array programming language as an 
abstract model for computing on any data type, and extend it with a nondeterministic 
assignment of "countable choice". This is the new WhileCC* model. Finally, we introduce 
the notion of approximable multivalued computation on metric algebras. As a concrete 
model, we choose effective metric spaces. Among a number of results we prove the following. 

For any metric algebra A with an effective representation, any function WhileCC* 
approximable over A is computable in the effective representation of the metric algebra 
A. Conversely, we show that, under certain reasonable conditions on the effective metric 
algebra A, any function that is effective is also WhileCC* approximable. We give an 
equivalence theorem, and examples of algebras where equivalence holds. 

Keywords: data types, abstract models of computation, concrete models of computation, par- 
tial algebra, 'while' language, countable choice, nondeterminism, multivalued functions, metric 
algebras, topological algebras, approximation by 'while' programs, effective metric spaces, effec- 
tive Banach spaces 

Introduction 

The theory of data in computer science is based on many sorted algebras and homomor- 
phisms. The theory originates in the 1960s, and has developed a wealth of theoretical 
concepts, methods and techniques for the specification, construction, and verification of 
software and hardware systems. It is a significant achievement in computer science and 
has exerted a profound influence on programming [Wir91, GTW78, MG85]. However, 
given the absolutely fundamental nature of its subject matter — data — there are many 
fascinating and significant open problems. An important general problem is: 

To develop a comprehensive theory of specification, computation and reasoning 
with infinite data. 

By infinite data we mean real numbers, spaces of functions, streams of bits or reals, 
waveforms, multidimensional graphics objects, video, and analogue and digital interfaces. 
The application areas are obvious: scientific modelling and simulation, embedded systems, 
graphics and multimedia communications. 

Data types containing infinite data are modelled by topological many-sorted algebras. 
In this paper we consider computability theory on topological algebras and investigate the 
problem 

To compare and integrate high-level, representation independent, abstract mod- 
els of computation with low-level, representation dependent, concrete models 
of computation in topological algebras. 

Computability theory lies at the technical heart of theories of both specification and 
reasoning about such systems. There are many disparate ways of defining computable 
functions on topological algebras and some have (different) significant mathematical theo- 
ries. In the case of real numbers one can contrast the approaches in books such as [Abe80, 
AbeOl, PER89, WeiOO, BCSS97]. 
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Generally speaking, the models of computation for an algebra can be divided into two 
kinds: the abstract and concrete. 

With an abstract model of computation for an algebra the programs do not depend on 
any representation of the algebra and are invariant under isomorphisms. Abstract models 
originated in the late 1950s in formalising flowcharts, and include program schemes and 
many general models of recursion. Examples of such models are the While programming 
language over any algebra and the Blum-Cucker-Shub-Smale model [BSS89, BCSS97] over 
the rings of real or complex numbers. The theory of abstract models is stable: there 
are many models of computation and the conditions under which they are equivalent are 
largely known [TZ88, TZOO]. For example, ' while' programs, flow charts, register machines, 
Kleene schemes, etc., are equivalent on any algebra; the BCSS models are simply instances 
obtained by choosing the algebra appropriate to the ring or ordered ring. 

With a concrete model of computation for an algebra the programs and computations 
are not invariant under isomorphisms, but depend on the choice of a representation of 
the algebra. Usually, the representations are made from the set N of natural numbers, 
and computability on an algebra is reduced to classical computability on N. Concrete 
models originated in the 1940s, in formalising the computable functions on real numbers. 
Examples of general models are computability via 

• effective metric spaces [Mos64], 

• computable sequence structures [PER89], 

• domain representations [SHT88, SHT95, Eda95, Eda97], and 

• type two enumerability [WeiOO] . 

The theory of concrete models is not stable though it seems to be converging: several 
basic models are known to be equivalent in special cases (see, e.g., [SHT99] where the four 
general approaches above are shown to be equivalent). 

In the theory of computation on algebras, abstract models are implemented by concrete 
models. Thus, the gap between the models is the gap between high level programming 
abstractions and low level implementations, and can be explored in terms of the following 
concepts: 

• Soundness of abstract model: The functions computable in the abstract model are also 
computable in the concrete model. 

• Adequacy of abstract model: The functions computable in the concrete model are com- 
putable in the abstract model. 

• Completeness of abstract model: Functions are computable in the abstract model if, 
and only if, they are computable in the concrete model. 

However, there is a considerable gap between abstract and concrete models of computa- 
tion, especially over topological data types. For example, the popular abstract model in 
[BCSS97] is not sound for the main concrete models because of its assumptions about the 
total computability of relations such as equality. Equality on the real numbers is not ev- 
erywhere continuous, but in all the concrete models computable functions are continuous 
(cf. Ceitin's Theorem [Mos64]). The connection between abstract and concrete models of 
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computation on the real numbers is examined in [TZ99] where approximation by 'while' 
programs over a particular algebra was shown to be equivalent to the standard concrete 
model of GL computability over the unit interval. 

First attempts at bridging the gap for all topological algebras in general have been made 
in [Bra96, Bra99], using a generalisation of recursion schemes (abstract computability) and 
Weihrauch's type two enumerability (concrete computability). Here we investigate further 
the problems in comparing the two classes of models and in establishing a unified and 
stable theory of computation on topological algebras. We prove new theorems that bridge 
the gap in the case of computations on metric algebras with partial operations. 

By reflecting on a series of examples, we show that to compute functions on topological 
algebras, it is necessary that one must consider 

(i) algebras with partial operations, 

(ii) computable functions that are both continuous and multivalued, and 
(Hi) approximations by abstract programs. 

In particular, multivalued functions are needed, even to compute single-valued functions. 
Thus, to prove an equivalence between abstract and concrete models we must include a 
nondeterministic construct to define multivalued functions, and in this way use nondeter- 
ministic abstract models even to compute deterministic problems. We find that 

imperative and other abstract programming models must be nondeterministic 
to express even simple programs on topological data types. 

We choose the While programming language as an abstract model for computing on 
any data type, and extend it with the nondeterministic assignment of countable choice 
having the form: 

x ::= choose z : b(z, x, y) 

where z is a natural number variable and b is a Boolean-valued operation. This new 
model is called WhileCC* computability ('CC for "countable choice", '*' for array 
variables.) In particular, we introduce a notion of approximable multivalued computation, 
and formulate and prove the continuity of their semantics. We thus have the partial 
multivalued functions approximable by a WhileCC* program on A. 

As a concrete model, we choose effective metric spaces; this is known to be equiva- 
lent with several other concrete models. In computation with effective metric spaces A 
we pick an enumeration a of a subspace X of A, and construct the subspace C a (X) of 
a-computable elements of A, enumerated by 57. We thus have the partial functions com- 
putable on C a (X) in the representation 57. 

We then prove two theorems that can be summarised (a little loosely) as follows. 

Soundness Theorem: Let A be any metric partial algebra with an effective representa- 
tion ot. Suppose C a (X) is a subalgebra of A, effective under 57. Then any function F on 
A that is WhileCC* approximable over A is computable on C a (X) in 57. 

The soundness theorem is technically involved but quite general, and gives new insight 
into the semantics of imperative programs applied to topological data types. The converse 
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theorem is more restricted in its data types: 

Adequacy Theorem: Let A be any metric partial algebra A with an effective represen- 
tation a. Suppose the representation a is WhileCC* computable and dense. Then any 
function F: A — > A that is computable on C a (X) in a and effectively locally uniformly 
continuous in a is WhileCC* approximable over A. 

These are combined into a Completeness Theorem. 

The proper statements of these theorems are given as Theorems A, B and C (in Sections 
6, 7 and 8). Some interesting applications to algebras of real numbers and to Banach spaces 
are studied. 

Here is the structure of the paper. We begin, in Section 1, by explaining the role 
of partiality, continuity and multivaluedness in computation, using simple examples on 
the real numbers. In Section 2 we describe topological and metric partial algebras and 
their extensions. In Section 3 we introduce the WhileCC* language, give it an alge- 
braic semantics, and define approximable WhileCC* computability. We will see that 
the WhileCC* language has a complex semantics. However on total algebras it defines 
precisely the While* computable functions. Section 4 is devoted to examples. In Section 
5 we prove the continuity of these WhileCC* computable multivalued functions. In 
Section 6 we introduce our concrete model, effective metric spaces, and prove a Sound- 
ness Theorem (Theorem Aq) for the special case of surjective enumerations of countable 
(not necessarliy metric) algebras. In Section 7 we define the subspace (or subalgebra) 
of elements computable in a metric algebra, and then prove the more general Soundness 
Theorem (Theorem A) and, in Section 8, the Adequacy Theorem (Theorem B). These are 
combined into a Completeness Theorem (Theorem C) in Section 9. Concluding remarks 
are made in Section 10. 

This work is part of a research programme — starting in [TZ88] and most recently 
surveyed in [TZ00] - on the theory of computability on algebras, and its application 
to specifiability and verifiability in different areas of computer science and mathematics. 
Specifically, it has developed from our studies of real and complex number computation in 
[TZ92a, TZ99, TZ00], stream algebras in [TZ92b, TZ94] and metric algebras in [TZ01]. 

We thank Vasco Brattka and Kristian Stewart for invaluable discussions. 

1 Nondeterminism, many-valuedness, non-extensionality, 
continuity and partiality: Some real number examples 

When one considers the relation between abstract and concrete models, a number of in- 
triguing problems appear. We explain them by considering a series of examples. Then we 
formulate our strategy for solving these problems. 

Our chosen abstract and concrete models are introduced later (in Sections 3 and 5, 
respectively), so we must explain the problems of computing on the real number data 
type in rather general terms. First, we sketch the abstract and concrete forms of the real 
number data type. The picture for topological algebras in general will be clear from the 
examples. 
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1.1 Abstract versus concrete data types of real numbers; Continuity; 
Partiality 

1.1.1 Abstract and concrete data types of reals. To compute on the set R of 

real numbers with an abstract model of computation, we have only to select an algebra 
A in which R is a carrier set. Abstract computability on an algebra A is a computability 
relative to A: a function is computable over A if it can be programmed from the operations 
of A using the programming constructs of the abstract model. Clearly, there are infinitely 
many choices of operations with which to make an algebra A, and hence there are infinitely 
many choices of classes of abstractly computable functions. All the classes of abstractly 
computable functions on R have decent mathematical theories, resembling the theory of 
the computable functions on the natural numbers - - thanks to the general theory of 
computable functions on many sorted algebras [TZOO] . 

In contrast, to compute on R with a concrete model of computation, we choose an 
appropriate concrete representation R, and map 

a: R -> R 

where R is an algebra made from the set N of natural numbers. For example, the map will 
be based on the fact that the reals can be built from the rationals, and hence the naturals, 
in a variety of equivalent ways (such as Cauchy sequences, decimal expansions, etc.). The 
computability of functions on the reals is investigated using the theory of computable 
functions on N, applied to R via a. 

To compare this computation theory with abstract models, we choose an algebra A 
in which R is a carrier set and, in particular, the operations of A are computable with 
respect to the representation a. For example, multiplication by 3 is not computable in 
the decimal representation, but the field operations on R are computable in the Cauchy 
sequence representation. 

We assume that our concrete model is the subspace CS of Baire space N N consisting of 
codings of fast Cauchy sequences of rationals, i.e., sequences (k n ) of naturals such that for 
all n and all m > n, \rk m — r^ n \ < 2 _n , where tq, r±, r<i, ■ ■ ■ is some standard enumeration 
of the rationals. The representing function 

a: CS — > R 

is continuous and onto. 

1.1.2 Continuity. Computations with real numbers involve infinite data. The topology 
of R defines a process of approximation for infinite data; the functions on the data that 
are continuous in the topology are exactly the functions that can be approximated to any 
desired degree of precision. 

For abstract models we assume the algebra A that contains R is a topological algebra, 
i.e., one in which the basic operations are continuous in its topologies. We expect further 
that all the computable functions will be continuous. The class of functions that can be 
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abstractly computed exactly can be quite limited! With abstract models, approximate 
computations also turn out to be necessary [TZ99]. 

In the concrete models, moreover, it follows from Ceitin's Theorem [Mos64] that if a 
function is computable then it is continuous. 

Thus, in both abstract and concrete approaches, an analysis of basic concepts shows 
that computability implies continuity. 

1.1.3 Partiality. In computing with an abstract model on A we assume A has some 
boolean-valued functions to test data. For example, in computing on R we need to use the 
functions 

= R :R 2 -> B and < R :R 2 -> B 
where B = {tt, ff} is the set of booleans. 

Use of these functions presents a problem, since total continuous boolean-valued func- 
tions on the reals must be constant. This is because the only continuous functions from 
a connected space to a discrete space are the constant functions. Furthermore, in [TZ99] 
it was shown that on connected total topological algebras, the 'while' and ' while'-array 
computable functions are precisely the functions explicitly definable by terms over the 
algebra. 

To study the full range of real number computations, we must therefore redefine these 
tests as partial boolean-valued functions. Computation with partial algebras has interest- 
ing effects on the theory of computable functions, as indicated in [TZ99]. 

On the basis of these preliminary remarks on the data type of reals, we turn to the 
examples. 

1.2 Examples of nondeterminism and many-valuedness 

We now look at three examples of computing functions on M. 

Example 1.2.1: Pivot function. Define the function 

piv: R n {l,...,n} 

by 

C some i : Xi if such an i exists 
piv(xi,...,a; n ) = < . (1) 

[ J otherwise 

Computation of this pivot is a vital step in the Gaussian elimination algorithm for inverting 
matrices. 

Note that (depending on the precise semantics for the phrase "some i" in (1)) piv is 
nondeterministic or (alternatively) many-valued on dom(piv) = IR n \{0}. Further: 

(a) There is no single-valued function which satisfies the definition (1) and is continuous on 
R n . For such a function, being continuous and integer- valued, would have to be constant 
on its domain M n \{0}, with constant value (say) j G {l,...,n}. But its value on the 
Xj-axis would have to be different from j, leading to a contradiction. 
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(b) However there is a computable (and hence continuous!) single-valued function 

piv : CS n — + {l,...,n} (2) 

with a simple algorithm. Note however that pivo is not extensional on CS n (i.e., not 
well defined on R n ), or (equivalently) the map (2) cannot be factored through R n : 




{l,...,n} 



In effect, we can regain continuity (for a single- valued function), by foregoing extensionality. 

(c) Alternatively, we can maintain continuity and extensionality by giving up single- 
valuedness. For the many- valued function 

piv^r 1 - P w ({l,...,n}) 

(where V u (. . .) denotes the set of countable subsets of ••• ) defined by: for all k G 
{l,...,n} 

k G piv w (xi, . . .,x n ) x k ^ 0, 

is extensional and continuous, where a function 

f:A - P W (S) 

is defined to be continuous iff for all open Y C S, 

/-i[y] : = {xgA /Wny^l} 

is open in A. (We will consider continuity of many-valued functions systematically in 
Section 5.) 

Remarks 1.2.2. (i) The many-valued function piv w is "tracked" (in a sense to be 
elucidated in Section 6) by (any implementation of) pivo. 

(ii) We could only recover continuity of the piv function by giving up either extensionality 
(as in (&)) or single- valuedness (as in (c)). 

(ii) Note however that the complete algorithm for inverting matrices is continuous and 
deterministic (hence single-valued) and extensional, even though it contains piv as an 
essential component! 



Example 1.2.3: "Choose" a rational arbitrarily near a real. Define a function 

F:MxN -> N 
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by 

F(x,n) = "some" k : d(x,r k ) < 2" n (3) 

where (as before) ro, ri, 7*2, • • • is some standard enumeration of the rationals. Note again 
(as in Example 1.1): 

(a) There is no single-valued, continuous function F satisfying (3). This is because such 
a function, being continuous with discrete range space, would have to be constant in the 
first argument. 

(6) But there is a single-valued computable (and continuous) function 

F : CS x N -> N 

trivially - just define 

Fo(£,n) = £n- 

This is, again, non-extensional on M. 

(c) Further, there is a many-valued, continuous, extensional function satisfying (1): 

F u :lxN -> P W (N) 

where 

i^(;r,n) = {A;|d(o:,r fc )<2-}. 

Example 1.2.4: Finding the root of a function. This example is adapted from 
[WeiOO]. Consider the function f a shown in Figure 1, where a is a parameter which can 
assume any real value. 



y=fj*) 




Figure 1 
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It is defined by 

{x + a + 2 if x < -1 
a — x if — 1 < x < 1 
x + a- 2 ifl<x. 

This function has either 1 or 3 roots, depending on the size of a. For a < — 1, f a has 
a single (large positive) root; for a > 1, / a has a single (large negative) root; and for 
— 1 < a < 1, / a has three roots, two of which become equal when a = ±1. 

Let g be the (many-valued) function, such that g(a) gives all the non-repeated roots of 
f a . This is shown in Figure 2. 



g(a) 



-1 






1 



Figure 2 



Again, we have the same situation as in the previous examples: 

(a) We cannot choose a (single) root of f a continuously as a function of a. 

(b) However, one can easily choose and compute a root of f a continuously as a function of 
a Cauchy sequence representation of a, i.e., non-extensionally in a. 

(c) Finally, fir(a), as a many-valued function of a, is continuous. (Note that in order to 
have continuity, we must exclude the repeated roots of / a , at a = ±1.) 

Remark 1.2.5. Other examples of a similar nature abound, and can be treated similarly; 
for example, the problem of finding, for a given real number x, an integer n > x. 
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1.3 Solutions for the abstract model 

In the above three examples we have given: 
(i) a number of single-valued functions /: M. n — > R that we want to compute; 
(u) arguments that they are not continuous; 

(Hi) a prima facie case that they cannot be abstractly computed on the abstract data 
type A containing R because they are not continuous; 

(iv) a prima facie case that they can be computed in the concrete data type CS; 

(v) arguments that they are selection functions for many-valued functions on M. that are 
continuous. 

At the level of concrete models of computation, there is not really a problem with the 
issues raised by the above examples, since concrete models work only by computations on 
representations of the reals (say by Cauchy sequences), as described fully in Sections 5 and 
7. 

The real problem arises with the construction of abstract models of computation on 
the reals which should model the phenomena illustrated by these examples, and should, 
moreover, correspond, in some sense, to the concrete models. Thus we have the question: 

Can such continuous many-valued functions be computed on the abstract data 
type A containing K. using new abstract models of computation? If they can, 
are the concrete and abstract models then equivalent? 

The rest of this paper deals with these issues. We answer the above question more 
generally, over many-sorted partial metric algebras A. 

The solution presented in this paper is to extend the While* programming language 
over A [TZOO] with a nondeterministic "countable choice" programming construct, so that 
in the rules of program term formation, 

choose z : b 

is a new term of type nat, where z is a variable of type natand b is a term of type bool. 
We will revisit the examples after giving the language definition in Section 3. 

Alternatively, one could use other abstract models; for example, one can modify the 
(UPR* function schemes [TZOO, §8.1] by replacing the constructive least number (/x) oper- 
ator 

f(x) ~ fize N[g(x,z) =tt], 
where g is a boolean-valued function, by a nondeterministic choice operator: 

f(x) ~ choose z e N[<7(x, z) = tt]. 

Given suitable semantics, these two approaches turn out to be equivalent. 

In [Bra99] a more elaborate set of recursive schemes over many-sorted algebras, with 
many-valued operations, was presented. 
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2 Topological partial algebras and continuity 

We define some basic notions concerning topological and metric many-sorted partial al- 
gebras. We begin with some basic ideas and examples. 



2.1 Basic algebraic definitions 

A signature U (for a many-sorted partial algebra) is a pair consisting of (i) a finite set 
Sort(S) of sorts, and (ii) a finite set Func(U) of (basic) function symbols, each symbol 
F having a type s\ x • • • x s m — > s, where s±, . . . , s m , s G Sort(S); in that case we write 
F : si x • • • x s m — > s. (The case m = corresponds to constant symbols.) 

A E-product type has the form « = si x • ■ ■ x s m (m > 0), where si, . . . , s m are 
Z'-sorts. We use the notation u, v, w, . . . for ^-product types. 

A partial U-algebra A has, for each sort s of U, a non-empty carrier set A s of sort s, 
and for each E- function symbol F : u — * s, a partial function F A : A u — >■ A s , where, 
for the ^-product type u = s± x • • • x s m , we write A u =df A Sl x • • • x A Sm . (The 
notation / : X — >■ Y refers in general to a partial function from X to Y.) 

The algebra A is total if F" 4 is total for each ^-function symbol F. Without such a 
totality assumption, A is called partial. 

In this paper we deal mainly with partial algebras. The default assumption is that 
"algebra" refers to partial algebra. We will, nevertheless, for the sake of emphasis, often 
speak explicitly of "partial algebras" . 

Given an algebra A, we write U(A) for its signature. 



Examples 2.1.1. The following algebras will be used repeatedly as examples in this paper. 
All but one are total. 

(a) The algebra of booleans has the carrier B = {tt, ff} of sort bool. The signature S(B) 
and algebra B respectively can be displayed as follows: 



signature S(B) 
sorts bool 

functions true, false: — > bool, 
and, or : bool 2 — > bool 
not : bool — > bool 

end 



algebra B 

carriers B 

functions tt, ff : — > B, 

and 6 ,or B : B 2 -> B 
not B : B -> B 

end 



Usually the signature can essentially be inferred from the algebra; indeed we will not define 
the signature where no confusion will arise. Further, for notational simplicity, we will not 
always distinguish between function names in the signature (true, etc.) and their intended 
interpretations (true 23 = tt, etc.) 

(6) The algebra Afo of naturals has a carrier N of sort nat, together with the zero constant 
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and successor function: 



algebra 
carriers 
functions 



N 
: 



S : N 



N 



end 



(c) The ring TZq of reals has a carrier R of sort real: 



algebra 



n 

R 

0, 1 : -> R, 
+, x : R 2 -> R, 
- : R -> R 



carriers 



functions 



end 



(d) The field 1Z\ of reals is formed by adding the multiplicative inverse to the ring TZq: 



This is an example of a partial algebra. More examples of partial algebras wil be given 
later. 

Throughout this work we make the following assumption about the signatures U. 

Assumption 2.1.2 (Instantiation Assumption). For every sort s of S, there is a 
closed term of that sort, called the default term 5 s of that sort. 

This guarantees the presence of default values d s A in a I7-algebra A at all sorts s, and 
default tuples S\ at all product types u. 

Definition 2.1.3 (Expansions and reducts). Let £ and £' be signatures with £ C 

(a) If A' is a ^'-algebra, then the E-reduct of A', A' \ z, is the algebra of signature U, 
consisting of the carriers of A' named by the sorts of U and equipped with the functions 
of A' named by the function symbols of U. 

(b) If A is a 17-algebra and A' is a ^'-algebra, then A' is a S' -expansion of A iff A is the 
i7-reduct of A' . 



algebra 1Z\ 

import TZ 

functions inv^ : R — > R 
end 



where 
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2.2 Adding booleans: Standard signatures and algebras 

The algebra B of booleans (Example 2.1.1(a)) plays an essential role in computation, as 
we will see. This motivates the following definition. 

Definition 2.2.1 (Standard signature). A signature £ is standard if 
(i) it contains the signature of booleans, i.e., S(B) Ci, and 
(ii) The function symbols of U include a conditional 

if s : bool x s 2 — > s 

for all sorts s of £ other than bool. 

Now given a standard signature U, a sort of £ is called an equality sort if U includes 
an equality operator 

eq s : s 2 — > bool. 

Definition 2.2.2 (Standard algebra). Given a standard signature S, a 17-algebra A 
is a standard if 

(i) it is an expansion of £>; 

(ii) the conditional operator on each sort s has its standard interpretation in A; i.e., for 
b E B and x,y E A s , 

a, s f x if 6 = tt 
I 2/ if 6 = f; 

(iii) the equality operator eq s is interpreted as a partial identity on each equality sort 
s, i.e., for any two elements of A s , if they are identical, then the operator at these 
arguments returns tt if it returns anything; and if they are not identical, it returns 
ff if anything. More specifically, there are three possible cases. First, the case 



eqf(x,y) = 



tt if x = y 
ff otherwise, 



i.e., total equality, represents the situation that equality is "decidable" or "com- 
putable" at sort s, for example, when s = nat. Second, the case 



tt if x = y 
| otherwise 



represents typically the situation that that equality is "semidecidable" . An example 
is given by the initial term algebra of an r.e. equational theory. Third, the case 



eq^V,y) 



t if x = y 
ff otherwise, 
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represents typically the situation that that equality is "co-semidecidable" . Examples 
are given by the data types of streams and real numbers, as mentioned in 1.1.3; see 
Example 2.2.4(c) below. 

Note that any many-sorted signature S can be standardised to a signature S by adjoining 
the sort bool together with the standard boolean operations; and, correspondingly, any 
algebra A can be standardised to an algebra A B by adjoining the algebra B as well as the 
conditional and equality operators. 

Examples 2.2.4 (Standard algebras). 

(a) The simplest standard algebra is the algebra B of the booleans (Example 2.1.1(a)). 

(6) A standard algebra of naturals Af is formed by standardising the algebra A/"o 
(Example 2.1.1(6)), with (total) equality and order operations on N: 



algebra 


M 


import 


A/" , B 


functions 


if^ t : 1 x N 2 -> N, 
eq^at, less^ at : N 2 - B 


end 





(c) A standard partial algebra 1Z on the reals is formed similarly by standardising the field 
IZi (Example 2.1.1(d)), with partial equality and order operations on R: 



algebra 


K 


import 


K u B 


functions 


ifj a , : B x R 2 — +R, 


end 





where 



t if x = y 
ff if x 7^ y. 



and 



'essSaiC^y) 




Discussion 2.2.5 (Semicomputability and co-semicomputability). The signif- 
icance of the partial equality and order operations in Example (c) above, in connection 
with computability and continuity, has been touched on in 1.1.3. The continuity of partial 
functions will be discussed in §2.5 (and see in particular Example 2.5.3(6)). Regarding 
computability, these definitions are intended to reflect, or capture the intuition of, the 
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" semicomputability" of order and the li co- semicomputability" of equality on (a concrete 
model of) the reals. For given two reals x and y, represented (say) by their infinite decimal 
expansions, suppose their decimal digits are being read systematically, the n-th digit of 
both at step n. Then if x 7^ y or x < y, this will become apparent after finitely many 
steps, but no finite number of steps can confirm that x = y. 

Throughout this paper, we will assume the following, unless specifically noted to the 
contrary. 

Assumption 2.2.6 (Standardness Assumption). The signature £ and S-algebra 
A are standard. 

2.3 Adding counters: N-standard signatures and algebras 

The standard algebra Af of naturals (Example 2.2.4(6)) plays, like £>, an essential role in 
computation. This motivates the following definition. 

Definition 2.3.1 (N-standard signature). A signature £ is N-standard if 
(i) it is standard, and 

(ii) it contains the standard signature of naturals (Example 2.2.4(6)), i.e., S(Af) C E. 

Definition 2.3.2 (N-standard algebra). Given an N-standard signature U, a corre- 
sponding I7-algebra A is N-standard if it is an expansion of Af. 

Note that any standard signature U can be N- standardised to a signature U N by ad- 
joining the sort nat and the operations 0, S, eq na t, less na t and if na t- Correspondingly, any 
standard I7-algebra A can be N- standardised to an algebra A N by adjoining the carrier N 
together with the corresponding standard functions. 

Examples 2.3.3 (N-standard algebras). 

(a) The simplest N-standard algebra is the algebra Af (Example 2.2.4(6)). 

(6) We can N-standardise the standard real algebra 1Z (Example 2.2.4(c)) to form the 
algebra 1Z N . 

2.4 Adding arrays: Algebras A* of signature E* 

The significance of arrays for computation is that they provide finite but unbounded mem- 
ory. 

Given a standard signature and standard Z'-algebra A, we expand U and A in two 
stages: 

(1°) N-standardise these to form E N and A N , as in §2.3. 

(2°) Define, for each sort s of the carrier A* to be the set of finite sequences or arrays 
a* over A s , of "starred sort" s*. 
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The resulting algebras A* have signature U*, which extends U by including, for each 
sort s of S, the new starred sorts s* , and certain new function symbols. Details are given 
in [TZOO, §2.7] and (an equivalent but simpler version) in [TZ99, §2.4]. 

The reason for introducing starred sorts is the lack of effective coding of finite sequences 
within abstract algebras in general. 

2.5 Topological partial algebras 

We now add topologies to our partial algebras, with the requirement of continuity for the 
basic partial functions. Background information on topology can be obtained from any 
standard text, e.g., [Kel55, Dug66, Eng89]. 

Definition 2.5.1. Given two topological spaces X and Y , a partial function 
/ : X — > Y is continuous if for every open V CY, 

f'iV] =df {x E X | x E dom(f) and f(x) eY} 

is open in X. 

Definition 2.5.2. (a) A topological partial U-algebra is a partial Z'-algebra with topolo- 
gies on the carriers such that each of the basic E-f unctions is continuous. 

(b) An (N-) standard topological partial algebra is a topological partial algebra which is 
also an (N-) standard partial algebra, such that the carriers B (and N) have the discrete 
topology. 

Examples 2.5.3. (a) (Discrete algebras.) The standard algebras B and M of booleans 
and naturals respectively (§§2.1, 2.2) are topological (total) algebras under the discrete 
topology. All functions on them are trivially continuous, since the carriers are discrete. 

(b) (Partial real algebra.) An important standard topological partial algebra for our pur- 
pose is the real algebra 1Z (Example 2.2.4(c)), or its N-standardised version TZ N (Example 
2.3.3(6)), in which R has its usual topology, and B and N the discrete topology. Recall our 
earlier discussion (1.1.3) of partiality of tests in connection with continuity, and note that 
the partial operations eq^ a! and less^ a! are continuous, in the sense of Definition 2.5.1. 

(c) (Partial interval algebras.) Another useful class of standard topological partial algebras 
are of the form 



algebra 


J 






import 


K 






carriers 


I 






functions 


ij : 








Fx 


■ i m i 


I, 




F k 


. jrn k _^ 


I 


end 
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where I is the closed interval [0, 1] (with its usual topology), \j is the embedding of I into 
R, and Fi : I m% — > / are continuous partial functions. These are called (partial) interval 
algebras on I. There are also N-standard versions: 



algebra 


jN 


import 


7Z N 


carriers 


I 


functions 


i 7 : I -> R, 


end 





(d) (N-standard total real algebra.) The algebra lZ t is ( "£" for "total topological" ) , defined 
by 



algebra 




import 




functions 


if2 a | : B x R 2 -> R, 
divj* t : R x N -> R, 


end 





Here 7£ is the ring of reals (§2. 1.1(c)), Af is the standard algebra of naturals (2.2.4(6)), 
and div nat is division of reals by naturals. 

Note that 7Z^ does not contain (total) boolean-valued functions < or = on the reals, 
since they are not continuous (cf. the partial functions eq rea | and less rea | of 7Z). It is 
therefore not an expansion of 71. 

Definition 2.5.4 (Extensions of topology to A N and A*). Corresponding to the 
various algebraic expansions of A detailed in §§2.3 and 2.4, there are induced topological 
expansions. 

(a) The topological partial N-standard algebra A N , of signature S N , is constructed from 
A by giving the new carrier N the discrete topology. 

(b) The topological partial array algebra A*, of signature U*, is constructed from A N 
as follows. Viewing the elements of A* as (essentially) arrays of elements of A s of finite 
length, we can give A* the disjoint union topology of the sets (A s ) n of arrays of length 
n, for all n > 0, where each set (A s ) n is given the product topology of the sets A s . 

The topology on A* can also be described as follows. The basic open sets in A* s are of 
the form 

{a* E A* s | Lgth(a*) > i n and a*[h] e U u . . . , a*[i n ] e U n } 

for some n > 0, i\ < • • • < i n and open sets U\, . . . , U n C A s . 

It is easy to check that A* is indeed a topological algebra, i.e., all the new functions of 
A* are continuous. 
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2.6 Metric algebra 

A particular type of topological algebra is a metric partial algebra. This is a many-sorted 
standard partial algebra with an associated metric: 



algebra A 

import £>, 1Z 

carriers Ai,...,A r , 

functions Ff 4 : A Ul — > A 



Sl 1 



F A . 

df : A\ - 



Sfe' 



end 



d(x,y) = 



where B and 72. are respectively the algebras of booleans and reals (Examples 2.1.1(a), 
2.2.4(c)), the carriers Ai, . . . ,A r are metric spaces with metrics df , . . . , dj 4 respectively, 
Fx, . . . , F k are the Z'-function symbols other than di, . . . , d&, and the (partial) functions 
Ff- are all continuous with respect to these metrics, where continuity of a partial function 
is understood as in Definition 2.5.1. 

Clearly, metric algebras can be viewed as special cases of topological partial algebras. 

Note that the carrier B (as well as N, if present) has the discrete metric, defined by 

if x = y 

1 if x ^ y, 

which induces the discrete topology. 

We will often speak of a "metric algebra A" , without stating the metric explicitly. 

Example 2.6.1. The partial and total real algebras 7Z, 1Z N and 71^ (Examples 2.5.3) can 
be recast as metric algebras in an obvious way. 

Remark 2.6.2 (Extension of metric to A*). A metric algebra A can be expanded 
to a metric algebra A* of arrays over A. Namely, given a metric d s on A s , we define a 
(bounded) metric d* on A* s as follows: for a* = (a\, . . . , a^), b* = (bi, . . .,bi) G A*: 



d s *(a*, 6*) = 



1 if k^l 

min(l, max^Zg 1 d s (a*[i], b*[i])) otherwise 

This gives the same topology on A* as that induced by the topology on A (Definition 2.5.4) 
[Eng89]. 

Remark 2.6.3 (Product metric on A). If A is a Z'-metric algebra, then for each 
I7-product sort u = si x • • • x s m , we can define a metric d u on A u by 



d u {{x 



1; 



(y 



,y m )) = max(d a .(xi,2/i)) 
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or more generally, by the £ p metric 

m 

d u ((x 1 ,...,x m ),(y 1 ,...,y m )) = Q2(d Si (xi,yi)) p ) 1/p ((1 < p < oo)) 

i=i 

where p = oo corresponds to the "max" metric. This induces the product topology on A u . 

2.7 W-continuity: Another notion of continuity of partial functions 

Recall our definition (2.5.1) of continuity of partial functions: / : X — >Y is continuous 
if for every open V C Y, / _1 [V] is open in X. 

This is not the only reasonable definition. Another definition, used in [WeiOO] and 
[Bra96, Bra99] (henceforth "W-continuity"), amounts to saying that / is continuous iff its 
restriction to its domain 

/ \ dom(f) : dom(f) - Y 

is continuous (as a total function), where dom(f) has the topology as a subspace of A; 
or, equivalently, iff for every open V CY, / _1 [V] is open in dom(f). 

The following is easily checked: 
Proposition 2.7.1. / is continuous <^=^> / is W-continuous and dom(f) is open. 

Remark 2.7.2. It is instructive to express these two notions of continuity in terms of 
metric spaces. Suppose / : X — > Y where X and Y are metric spaces. Then 

(a) / is continuous iff 

Va G dom(/)Ve > 035 > OVx G B(a,S) (x G dom(f) A f(x) G B(/(a),e)). 

(b) f is W-continuous iff 

Va G dom(/)Ve > 036 > OVx G B(a,o) (a G dom(/) -> /(x) G B(/(a),e)). 

Here B(a, 5) is the open ball with centre a and radius 5. 

Example 2.7.3. Consider the partial function /: K. — > H. defined by 

f if x is an integer 
{ t otherwise. 

Then / is W-continuous, but not continuous. 
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3 ' While' programming with countable choice 

The programming language WhileCC = WhileCC(S) is an extension of While(E) 
[TZOO, §2.1, 2.13] with an extra 'choose' rule of term formation. We give the complete 
definition of its syntax and semantics, using the algebraic operational semantics of [TZOO]. 

Assume £ is an N-standard signature, and A is an N-standard Z'-algebra. 
3.1 Syntax of WhileCC(S) 

We define four syntactic classes: variables, terms, statements and procedures. 

(a) Var = Var(E) is the class of E-program variables, and for each Z'-sort s, Var s is 
the class of program variables of sort s: a s , b s , . . . , x s , y s 

(b) PTerm = PTerm(S) is the class of S-program terms t, . . . , and for each Z'-sort s, 
PTerm s is the class of program terms of sort s. These are generated by the rules 

t ::= x s | ...,*„) | choose z nat : b 

where s,Si, . . . ,s n are Z-sorts, F : s± x • • • x s n — > s is a ^-function symbol, tj G 
PTerm Si for z = 1, . . . , n (n > 0), and 6 is a boolean term, i.e., a term of sort bool. 

Think of 'choose' as a generalisation of the constructive least number operator least z : b 
which has the value k in case b[z/k] is true and b[z/i] is defined and false for all i < k, 
and is undefined in case no such k exists. 

Here 'choose z : 6' selects some value k such that b[z/k] is true, if any such k exists (and 
is undefined otherwise) . Which value is selected depends, in general, on the implementation 
of the algebra A. In our abstract semantics, we will give the meaning as the set of all 
possible k's (hence "countable choice"). Any concrete model will select a particular k, 
according to the implementation. 

Note that the program terms extend the algebraic terms (i.e., the terms over the signa- 
ture U) by including in their construction the 'choose' operator, which is not an operation 
of U. An alternative formulation would be to have 'choose' not as part of the term con- 
struction, but rather as a new atomic program statement: 'choose z : V . We prefer the 
present treatment, as it leads to the construction of many-valued term semantics (as we 
will see), which is interesting in itself, and which we would get anyway if we were to extend 
our syntax to include many-valued function procedure calls in our term construction. 

We write t : s to indicate that t G PTerm s , and for u = s± x • • • x s m , we write t : u 
to indicate that t is a u-tuple of program terms, i.e., a tuple of program terms of sorts 
Slj • • • ? s m . 

We also use the notation b, . . . for boolean terms. 

(c) AtSt = AtSt(U) is the class of atomic statements S a t, ■ ■ ■ defined by 

Sat '■'■= skip | div | x := t 

where 'div' stands for "divergence" (non-teremination) , and x := t is a concurrent assign- 
ment, where for some product type u, t : u and x is a -u-tuple of distinct variables. 
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(d) Stmt = Stmt(U) is the class of statements S, . . . , generated by the rules 

S ::= S at | S±; S 2 | if b then Si else S 2 fi | while b do S od 

(e) Proc = Proc(S) is the class of function procedures P,Q, These have the form 

P = func in a out b aux c begin S end 

where a, b and c are lists of input variables, output variables and auxiliary (or local) 
variables respectively, and S is the body. Further, we stipulate: 

• a, b and c each consist of distinct variables, and they are pairwise disjoint, 

• all variables occurring in S must be among a, b or c, 

• the input variables a must not occur on the lhs of assignments in S, 

• initialisation condition: S has the form Si n i t ;S', where is a concurrent as- 
signment which initialises all the output and auxiliary variables, i.e., assigns to each 
variable in b and c the default term (2.1.2) of the same sort. 

If a : u and b : v, then P is said to have type u — > v, written P : u — > v. Its input type 
is u. 

3.2 Algebraic operational semantics of WhileCC 

We will interpret programs as countably-many-valued state transformations, and function 
procedures as countably-many-valued functions on A. Our approach follows the algebraic 
operational semantics of [TZOO, §§3.4]. First we need some definitions and notation for 
many-valued functions. 

Notation 3.2.1. 

(a) Vui(X) is the set of all countable subsets of a set X, including the empty set. 

(b) V+(X) is the set of all countable non-empty subsets of X. 

(c) We write for Y U { | }, where 'f denotes divergence. 

(d) We write / : X =4 Y for / : X -> V U (Y). 

(e) We write / : X ^+ Y for / : X -> V+(Y). 

We will interpret a WhileCC procedure 

P : it — > s 

as a countably-many-valued function P" 4 from A u to A s ^, z.e., as a function 

: A u -> P W (V) 

or, in the above notation: 

pA . A u ^+ 
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Remark 3.2.2 (Significance of 'f'). Notice that an output of, say, {2, 5, f} is different 
from {2, 5}, since the former indicates the possibility of divergence. So a semantic function 
will have, for inputs not in its domain, 'f as a possible output value. 

Definition 3.2.3 (States), (a) For each 17-algebra A, a state on A is a family 
(a s | s G Sort(E)) of functions 

cr s : Var s -> A s . 
Let State(A) be the set of states on A, with elements a, . . . . 

(6) Let a be a state over A, x = (xi, . . . , x n ) : it and a = (ai, . . . , a n ) G A" (for n > 1). 
The variant a{x/a} of a is the state over A formed from cr by replacing its value at Xj by 
^ for i = 1, . . . , n. 

We give a brief overview of algebraic operational semantics. This was used in [TZ88] 
for deterministic imperative languages with 'while' and recursion (see [TZOO] for the case 
of While(U)), but it can be applied to a wide variety of imperative languages. It has also 
been used to analyse compiler correctness [Ste96]. It can also be adapted, as we will see, 
to a nondeterministic language such as WhileCC* . 

Assume {%) we have a meaning function for atomic statements 

(| Sat |) : State(A) ^+ State(A)\ 

and (ii) we have defined a pair of functions 

First : Stmt -> AtSt 
Rest A : Stmt x State(A) -> Stmt, 

where, for a statement S and state a, 

First(S) is an atomic statement which gives the first step in the execution of 
S (in any state), and Rest A (S, a) is a statement (or, in the present context, 
a finite set of statements) which gives the rest of the execution in state a. 

From these we define the computation step function 

CompStep A : Stmtx State(A) ^+ State^A^ 



by CompStep A (S,a) = (\First(S)\) A a. 

from which, in turn, we can define (for the deterministic language of [TZOO]) a compu- 
tation sequence or (for the present language) a computation tree. The aim is to define a 
computation tree stage function 

CompTreeStage A : Stmt x State(A) x N (State(Ay) <UJ 

where CompTreeStage A (S, a,n) represents the first n stages of CompTree A (S, a). 
Here (State(Ay) <UJ denotes the set of finite sequences from State(AY , interpreted as 
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finite initial segments of the paths through the computation tree. From this, in turn, are 
defined the semantics of statements and procedures. 

The intuition behind these semantics is that 

for any input x G A u , P A (x) is the set of all possible outcomes (including di- 
vergence), for all possible implementations of the 'choose' construct, including 
non-constructive implementations! 

For if (for a given input x) the only infinite paths through the semantic computation tree 
are non-constructive, then P A (a) will still include 'f. 

We now turn to the details of these definitions, 
(a) Semantics of program terms. The meaning of t G PTerm s is a function 

ft] A : State(A) ^+ Aj . 



The definition is by structural induction on t: 

M A a ={a(x)} 
[c] A a ={c A } 

[F(t u . . . , t m )] A a = { y | 3xi G A n {hja . . . 3x m G A n {t m ja : F A (x u . . . , x m ) [ y } 

U { t | 3xi G A n [ti]<7 . . . 3x m G A n [t m ]<7 : F A (xi, . . . , x m ) T } 
U { T | T G [til A cr for some i, 1 < % < m } 
[if(6,ti,t 2 )] A a = {y | (tt G [6] A a A y G [tifa) V (ff G [6] A a A y G [t 2 ] A a) } 

u { T I T g M a ct } 

[choose z : b] A a = { n G N | tt G [6] A a{z/?i} } 

U { t | Vn G N(ff G {b] A a{z/n} V | G |6] A a{z/n}) }. 

Notice that [choose z : bj A a could include both natural numbers and 'f, since for any n, 
[6] A a{z/n} could include both tt and ff. 

(6) Semantics of atomic statements. The meaning of an atomic statement S a t G 
AtSt is a function 

(| S at |> : S£ate(A) ^ + Sta£e(A) T 

defined by: 

<|skip|) A a = {a} 
(|div|) A a ={T} 
(| x : = t\i A a = { a{x/a} \ a <E Ail {tj A a } 
U { T | T G lt} A a } 
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(c) The First and Rest operations. The operation 

First : Stmt -> 

is defined exactly as in [TZOO, §3.5], namely: 

{S if S is atomic 

First(Si) if S = Si;S 2 
skip otherwise. 

The operation 

Rest A : Stmt x State(A) =4+ S£m£, 

is defined as follows (cf. [TZOO, §3.5]): 
Case 1. S is atomic. Then 

Rest A (S,a) = {skip}. 

Case U. S 1 = Si; 52- 

Case #a. Si is atomic. Then 

Rest A (S,a) = {S 2 }. 
Case 2b. Si is not atomic. Then 

Rest A (S,a) = {S'; S 2 \ S' e Rest A (Si,a)} U { div | div e Rest A (Si, a) }. 
Case 3. S = if 6 then Si else £2 fi. Then Rest A (S,a) contains all of: 

51 if it G [6] A a, 

5 2 ifffG[6]V 
div if t e [ol A a. 

Note that more than one condition may hold. 

Case 4- S = while do So od. Then Rest A (S,a) contains all of: 

S ;S if tte lb} A a, 

skip if f e [b] A a, 
div if t e lbj A a. 

Note again that more than one condition may hold. 

(d) Computation step. From the First function we can define the computation step 
function 

CompStep A : Stmtx State(A) ^+ State(A) ] ' 
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which is like the one-step computation function Comp A of [TZOO, §3.4], except for being 
mult i- valued: 

CompStep A (S,a) = (\First(S)^ A a. 

(e) The computation tree. The computation sequence, which is basic to the semantics 
of While computations in [TZOO], is replaced here by a computation tree 

CompTree A (S, a) 

of a statement S at a state a. This is an w-branching tree, branching according to all pos- 
sible outcomes (i.e., "output states") of the one-step computation function CompStep A . 
Each node of this tree is labelled by either a state or 'f. 

Any actual ("concrete") computation of statement S at state a corresponds to one of 
the paths through this tree. The possibilities for any such path are: 

(i) it is finite, ending in a leaf containing a state: the final state of the computation; 

(ii) it is finite, ending in a leaf containing 'f (local divergence); 

(Hi) it is infinite (global divergence). 

Correspondingly, the function Comp A of [TZOO, §3.4] is replaced by a computation 
tree stage function 

CompTreeStage A : Stmt x State(A) x N =4+ (State(AY) <UJ 

where CompTreeStage A (S, a,n) represents the first n stages of CompTree A (S, a). 
This is defined (like Comp A ) by a simple recursion ("tail recursion") on n: 

Basis: CompTreeStage A (S, a, 0) = {a}, i.e., just the root labelled by a. 

Induction step: CompTreeStage A (S, a,n) is formed by attaching to the root {a} the 
following: 

(i) for S atomic: the leaf {cr'}, for each a' E (\S\} A a (where a' may be a state or f); 

(ii) for S not atomic: 

the subtree C omp Tree S tag e A (S' ,a' ,n), for each a' G CompStep A (S, a) (a' ^ f) 
and S' e Rest A (S, a), as well as the leaf { | } if 'f G Comp^tep^ 4 ^, a). 

Then CompTree A (S , a) is defined as the "limit" over n of CompTreeStage A (S, a, n). 

Note that only the leaves of CompTree A (S, a) may contain 'f , indicating "local di- 
vergence" . 

(f) Semantics of statements. From the semantic computation tree we can easily define 
the i/o semantics of statements 

{Sj A : State(A) ^+ State(A)' r . 

Namely, 
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{SJ A a is the set of states and/or 'j ' at all leaves in CompTree A (S, a), together 
with 't' if CompTree A (S,a) has an infinite path. 

(g) Semantics of procedures. Finally, if 

P = func in a out b aux c begin S end (1) 

is a procedure of type u — > v, then its meaning in A is a function 

p A . A u A v] 

denned as follows (cf. [TZOO, §3.6]). For x G A u , 

P A (x) = {(/(b) | a' G U {T | T G [S]M 

where a is any state on A such that a [a] = x. 

Remark 3.2.4. From the initialisation condition (§3. 1(e)) it follows by a "functionality 
lemma" (cf. [TZOO, 3.6.1]) that P A is well defined. 

Definition 3.2.5. A WhileCC procedure P : u — > i> is deterministic on A if for all 

i£i", P A (x) is a singleton. 

Remark 3.2.6 (Two concepts of deterministic computation). One can distinguish 
between two notions of deterministic computation: (i) strong deterministic computation, 
the common concept, in which each step of the computation is determinate; and (ii) weak 
deterministic computation, in which the output (or divergence) is uniquely determined by 
(i.e., a unique function of) the input, but the steps in the computation are not determinate. 
A good example of (ii) is the Gaussian elimination algorithm (§1.2.1, §4.1) which, although 
defining a unique function (the inverse of a matrix), incorporates the (nondeterministic!) 
pivot function as a subroutine. In Definition 3.2.5 and elsewhere in this paper, we are 
concerned with the weak sense of deterministic computation. 

Definition 3.2.7. (a) A many-valued function F : A u =T+ Aj is WhileCC 
computable on A if there is a WhileCC procedure P such that F = P A . 

(b) A partial function F : A u — > A s is WhileCC computable on A if there is a deter- 
ministic WhileCC procedure P : u — > s such that for all x G A u , 

(i) F(x)iy =}► P A (x) = {y}, 

(U) F(x)T =► P A (x) = tf}, 

Remark 3.2.8 (Many- valued algebras). As we have seen, the semantics for WhileCC 
procedures is given by countably many-valued functions. If we were to start with algebras 
with many- valued basic operations, as in [Bra96, Bra99], the algebraic operational seman- 
tics could handle this just as easily, by adapting the clause for the basic Z'-function F in 
part (a) ( "Semantics of program terms" ) of the semantic definition above. 
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3.3 The language WhileCC* (U) 

In [TZ99, TZOO] we worked with the language While* rather than While, which can 
be viewed as While augmented by auxiliary array and nat variables [TZOO, §3.13]. The 
importance of While* computability lies in the fact that it forms the basis for a generalised 
Church- Turing Thesis for computability on abstract many-sorted algebras [TZOO, §8]. 

Here, similarly, we will work with the language WhileCC* = WhileCC* (S), which 
may be thought of as WhileCC (U) augmented by auxiliary array and nat variables (or 
as While* (S) augmented by the 'choose' construct). More precisely: 

Definition 3.3.1 (The WhileCC*(S) language). A WhileCC*(U) procedure is a 
WhileCC (S*) procedure in which the input and output variables have sorts in S only. 
(However the auxiliary variables may have starred sorts or sort nat.) 

Thus a WhileCC* (S) procedure defines a countably-many- valued function on any stan- 
dard Z'-algebra. 

3.4 Some computability issues in the semantics of WhileCC* procedures 

Some interesting issues in the semantics of WhileCC* arise already in the case of com- 
putation over the algebra Af of naturals (Example 2.2.4(6)). 

(a) Elimination of 'choose' from deterministic WhileCC* programs over total 
algebras 

The 'choose' operator can be eliminated from deterministic WhileCC* procedures (cf. 
Definition 3.2.5 and Remark 3.2.6) over total algebras. 

Proposition 3.4.1. For any total S-algebra A and f: A u — > A s , 

f is WhileCC* computable over A •<=>- / is While* computable over A. 

Proof: (=>■) Let P be a deterministic WhileCC* procedure over A which computes /. 
Since A is total, evaluation of any boolean term b over A (relative to a state) converges to 
tt or ff in A. Further, since P is deterministic, its output for a given input is independent 
of the implementation. Hence every 'choose' term in P of the form choose z : b[z] can be 
replaced by a 'while' loop which tests b[0], b[l], b[2], ... in turn, i.e., finds the least k for 
which b[k] is true, if it exists, and diverges otherwise. □ 

Applying this to the total algebra Af, and recalling that While* computability over Af 
is equivalent to partial recursiveness (i.e., classical computbility) over N [TZOO], we have: 

Corollary 3.4.2. For any f : N m ~^N, 

/ is WhileCC* computable over Af •<=>- / is partial recursive over N. 

(b) Recursive and non-recursive implementations 

The semantics P A of a procedure P is given, for an input x, by all paths of the compu- 
tation tree T = CompTree A (S,a) (where S is the body of P) representing all possible 
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computation sequences for S starting at state a, where a [a] = x, i.e., all possible imple- 
mentations of instances of the 'choose' construct occurring in the execution of S starting 
at a. This gives rise to interesting computation-theoretic issues even in the simple case 
that A = M. In this case we can assume that T is coded as a subset of N in a standard 
way. Now any path of T ending in a leaf is finite, and therefore (trivially) recursive. An 
infinite path or computation sequence (leading to divergence), however, may or may not 
be recursive. 

Proposition 3.4.3. There is a WhileCC* (Af) procedure P such that its computation 
tree has infinite paths, but no recursive infinite paths. 

Proof: Our construction of P is based on the construction of a recursive tree with infinite 
paths, but no recursive infinite paths [Odi99, V.5.25]. Let A and B be two disjoint r.e., 
recursively inseparable sets, and suppose A = ran(f) and B = ran(g) where / and g are 
total recursive functions. The procedure P can be written in pseudo-code as: 

func aux n, k : nat, 

choices* : nat*, { array recording all choices up to present stage n} 
halt : bool 

begin 

n := 0; 

choices* := Null; 
halt := false; 
while not halt do 

n := n + 1; 

choices* := Newlength (choices*, n + 1); 
choices* [n] := choose z : (z = or z = 1); 
for k := to n — 1 do 

if (choices* [k] = and k e { /(0), . . . , /(n - 1) }) or 
(choices* [k] = 1 and k G { g(0), . . . ,g(n - 1) }) 

then halt := true 

od 

od 

end. 

Let «o? a i, a 2, ••• be the successive values (0 or 1) given by the 'choose' operator in 
some given implementation of P. Note that at stage n, 

choices* [k] = for k = 0, . . . , n — 1. 

Further, the execution diverges if, and only if, the set C =df { k \ au = 1 } separates A 
and B [i.e., A C C and C(~)B = 0), in which case C, and hence its characteristic function 
a = («o, Oil, «2, • • • ), are non-recursive. 
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Note finally that for any given sequence a of choices, a is effectively obtainable from 
the corresponding computation sequence or path, i.e., a is recursive in that path (with 
a standard coding of the computation tree). Hence, since any infinite sequence a is non- 
recursive, so is the corresponding infinite path. □ 

Remarks 3.4.4. (1) Clearly, P as defined above is not semantically equivalent to a 
While* (N) procedure. This does not contradict Proposition 3.4.1, since P is not deter- 
ministic. 

(2) According to our semantics above (§3.2), for P as defined above, | G P A {), i.e., 
divergence is possible. However, if we were to restrict all computation sequences to be 
recursive, then divergence would not be a possible outcome for P A {). The semantics, as 
we give it {i.e., all possible computation sequences are included, whether recursive or not) 
is simpler than this alternative. In any case, as we will see, this choice will not affect 
continuity considerations (cf. Lemmas 5.1.7 and 5.2.1). 

3.5 Approximable WhileCC* computability 

The basic notion of computability that we will be using in working with metric algebras 
is not so much computability, as rather computable approximability on metric algebras, as 
discussed in [TZ99, §9] . We have to adapt the definition given there to the nondeterministic 
case with countable choice. 

Let A be a metric I7-algebra, u a I7-product type and s a I7-type. Let P : nat x u — > s 
be a WhileCC*(S N ) procedure. Put 

P A = df P A (n,-): A u ^+ Aj. 

Note that that for all x G A u , P A (x) ^ 0. 

Definition 3.5.1 (WhileCC* approximability to a single-valued function). 

Let F : A u — > A s be a single-valued partial function on A. 

(a) F is WhileCC* approximable by P on A if for all n G N and all x G A u : 

x G dom(F) =► T i P£{x) C B(F(x), 2~ n ). (1) 
(6) F is strictly WhileCC* approximable by P on A if in addition to (1), 

x£dom{F) =► P A {x) = {]}. (2) 

Remark 3.5.2. If F is strictly approximable by P, then (from (1) and (2)) for all x G A u 
and all n: 

F(x)t <=► ]eP A {x) <=► P A (x) = {]}. 
Clearly, WhileCC* computability is a special case of WhileCC* approximability. 
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Definition 3.5.3 (WhileCC* approximability to a many-valued function). 

Let F : A u =4 A s be a countably-many-valued function on A. 

(a) F is WhileCC* approximable by P on A if for all n G N and all x G A": 

F(x)^0 =► |J B(y, 2"») 

y€F(x) (3) 
and F(x) C (J B(y, 2" n ). 

Note that (assuming j ^ P^(x)) the r.h.s. of (3) implies 

d H (FR,^)) < 2"», (4) 

and is implied by 

d H (FR,^))<2- (5) 

where X denotes the closure of X, and din is the Hausdorff metric on the set of 
closed, bounded non-empty subsets of A s [Eng89, 4.5.23]. (Actually, the Hausdorff 
metric applies only to the space of closed bounded subsets of a given metric space, so 
(4) and (5) should be taken as heuristic statements.) 

In other words (assuming F(x) ^ 0), for all x G A u and all n, each output of F(x) lies 
within 2~ n of some output of P^(x), and vice versa. 

(6) F is strictly WhileCC* approximable by P on A if in addition, 

F(x) = Q> =► P*{x) = {]}. 



Remark 3.5.4. (Cf. Remark 3.5.2.) If F is strictly approximable by P, then for all 
x G A u and all n: 

F(x) = ® <=► tGP^) P n A (x) = {T}. 



4 Examples of WhileCC* computations and approximating 
computations 

4.1 Discussion: Use of 'choose' for searching and dovetailing 

Following the examples in Section 1, the 'choose' construct was introduced to compute 
many-valued functions. Technically, the 'choose' construct strengthens the power of the 
While language in performing searches. In a partial algebra, simple searches (e.g., "find 
some Xk in an effectively enumerated set X = { xq, x±, X2, ■ ■ ■ } satisfying b(xk)") will 
obviously fail in general if the search simply follows the given enumeration of X (i.e., 
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testing in turn whether b(xo), b(x\), 6(^2), . . . holds), since the computation of the boolean 
predicate b (x) may not terminate for some x. 

This problem is overcome, at the concrete model level, by the use of scheduling tech- 
niques such as interleaving or " dovetailing" : at stage n, do n steps in testing whether 
b(xi) holds, for i = 0, . . . , n. 

An important function of the 'choose' construct, which will recur in our examples, is to 
simulate such scheduling techniques at the abstract model level. This allows searches over 
any countable subset X of an algebra A that has a computable enumeration 

enumx : N — > X, 

since we can search X in A by assignments such as 

x := enumx(choose z : &(enumx(z))). 

4.2 Examples 

We now illustrate the use of the WhileCC* language in topological partial algebras with 
examples, which involve computations which are either many-valued, or approximating, 
or both. The examples given in §1.2 to motivate many-valued abstract computation are a 
good place to start. They can be displayed in the table: 





Exact computation 


Approximating computation 


Single- valued 


Gaussian elimination 


e x , sin(x), etc. 


Many-valued 


Approx. points in metric algebra 


All simple roots of polynomial 



Examples 4.2.1, 4.2.2 and 4.2.4 below are all based on the metric algebra derived from 
TZ N (Example 2.3.3(6)). 

Example 4.2.1 (Gaussian elimination). This is a single-valued exact computation. 
The algorithm can be found in any standard text of numerical computation, e.g., [Hea97]. 
It is deterministic, but only in the weak sense (cf. Remark 3.2.6), since it contains, as an 
essential component, the computation of the pivot function (§1.2), which is many-valued, 
and can be formalised simply with the 'choose' construct: 

func in xi, . . . , x n : real 

out i: nat 

aux k: nat 
begin 

i := choose k: (k = 1 and xi 7^ 0) or 
(k = 2 and x 2 ^ 0) or 

(k = n and x n 7^ 0) 

end. 
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Example 4.2.2 (Approximations to e x ). On the N-standard interval algebra 1 N (Ex- 
ample 2.5.3(c)) we give a While procedure to approximate the function e x on I. 

func in n: nat, { degree of approximation } 
x: intvl 

out s: real { partial sum of power series } 

aux y: real, { current term of series } 

k: nat { counter } 



begin 



k := 0; 

y := i; 
s := 1; 

while k < 2 n+1 do 
k := k+ 1; 

y := y x i J (x)/i Ar (k); {y = x k /k!} 

k 

s:=s + y {s = y^y/i ! } 

i=0 

od 

end 

where i/ : I — > K. is the embedding of I in R, which is primitive in U(T N ), and \n '■ N — 
is the embedding of N in R, which is easily definable in While(1Z N ). 

Denoting the above function procedure by P, and T N by A, we have the semantics 

Pn-I - R 



with 

2 n+l 

i=0 



71 



and so for all x E /, 

d(P n A (ar), e^) < 2-, 
i.e., e x is VF/ii/e approximable on X N by P. 

This computation of e x is single- valued, but approximating. 

Example 4.2.3 ("Choosing" a member of an enumerated subspace close to an 
arbitrary element of a metric algebra) . Given a metric algebra A with a countable 
dense subspace C, and an enumeration of C 

enumc : N -» C 
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in the signature, we want to compute a function 

F: AxN -> C 

such that 

F(a,n) = "some" xeC such that d(a,x) < 2~ n . 

This is a generalised version of the problem of approximating reals by rationals (Example 
1.2.3). 

Here is a WhileCC* procedure (in pseudo-code) for an exact computation of this 
function. (Note that the real- valued function 2~ n is While computable on 1Z N , and 
hence on A.) 

func in a : space, 
n : nat 

out x : space 

aux k : nat 
begin 

x := enum c (choose k : d(a, enumc(k)) < 2~ n ) 

end 

This computation is many-valued, but exact. 

Example 4.2.4 (Finding simple roots of a polynomial) . We construct a WhileCC 
procedure to approximate "some" simple root of a polynomial p(X) with real coefficients, 
using the method of bisection. By a simple root of p(X) we mean a real root at which 
p(X) changes sign. (See [Hea97]. In practice, a hybrid method is generally used, involving 
bisection, Newton's method, etc.) 

Fundamental to the bisection method is the concept of a bracket for p(X), which means 
an interval [a, b] such that p(a) and p{b) have opposite signs. By rational bracket, we 
mean a bracket with rational endpoints. 

We note the following: 

(1) Any bracket for p contains a root of p (by the Intermediate Value Theorem), in fact 
a simple root of p. 

(2) Conversely, any simple root of p is contained in a rational bracket for p of arbitrarily 
small width. 

(3) If x is a simple root of p, then any bracket for p of sufficiently small width which 
contains x, contains no other simple root of p. 

(4) If [a, b] is a bracket for p, then, putting m = (a + 6)/2, exactly one of the following 
holds: 

(i) p{m) = 0; then m is a root of p (not necessarily simple); 



35 



(ii) p(m) has the same sign as p(a); then [m, b] is a bracket for p; 

(Hi) p(m) has the same sign as p(b); then [a, m] is a bracket for p. 

It follows from the above that starting with any rational bracket J for p, we can, by 
repeated bisection, find a nested sequence of rational brackets 

oo 

J = J , Ji, J 2 ,... where ("] J n = {x} 

n=0 

for some simple root x of p. Then, letting r n be the left-hand endpoint of J n , we have a 
fast Cauchy sequence (r n ) n with limit x. 

One complication with our algorithm is the occurrence of case (i) in (4) above, i.e., the 
case that the midpoint m of the bracket is itself a root of p, since by the co-semicomputabil- 
ity of equality (Discussion 2.2.5) on R we can only verify when f(m) ^ 0, not when 
f(m) = 0. We therefore proceed as follows. By means of the 'choose' construct, we search 
in the middle third (say) of the bracket [a, b] for a "division point", i.e., a rational point d 
such that f(d) ^ 0, producing either [a, d] or [d, b] as a sub-bracket. 

This new bracket may not halve the width of [a, 6]; in the worst case its width is 2/3 the 
width of [a, b]. However a second iteration of this procedure leads to a bracket of width at 
most (2/3) 2 < 1/2 the width of [a, b], and so 2n iterations lead to a bracket of width less 
than 2~ n x the width of [a, b]. 

This new bracket may not halve the width of [a, b] ; in the worst case its width is 
2/3(6 — a). However a second iteration of this procedure leads to a bracket of width at 
most (2/3) 2 < 1/2 the width of [a, 6], and so 2n iterations lead to a bracket of width less 
than 2~ n (b- a). 

For convenience, we will use the following two conservative extensions to our "official" 
programming notation: 

(a) Simultaneously choosing two naturals with a single condition: 

ki,k 2 := choose zi,z 2 : 6[zi,z 2 ] 

which is easily expressible in WhileCC by the use of a primitive recursive pairing 
function pair on N and its inverses proji, proj 2 : 

k := choose z : 6[proji(z), proj 2 (z)]; 
ki,k 2 := proji(k), proj 2 (k) 

(b) Choosing a rational (of type real) satisfying a boolean condition: 

q := choose r real : ("r is rational" and 6[r]) 

Let rat : N — > K be a WTiiZe-computable enumeration of the rationals in R. Then 
this can be interpreted as: 

q := rat(choose k : 6[rat(k)]) 
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Finally, a polynomial p(X) over R will be represented by an element p* of M*: 

n-l 

p* = (a ,...,a n _i) = ^a^X"-* 

Its evaluation at a point c, denoted by p*(c), is easily seen to be WhileilZ) computable in 
p* and c. 

Now we give a WhileCC* procedure for approximably computing some simple root of 
an input polynomial, in the signature of 71. 

func in n : nat, {degree of approximation} 

p* : real* { input polynomial, given by list of coefficients } 
out x : real { approximation to root } 
aux a, b : real, { endpoints of bracket } 

d : real, { division point of bracket } 
k : nat { counter } 

begin 

k := 0; 

a, b := choose a, b : ("a and b are rational" and a < b < a + 1 and 

(p*(a) > and p*(b) < 0) 
or (p*(a) < and p*(b) > 0)); 

while k < 2n do 
k := k+1; 

d := choose d : ("d is rational" and (2a + b)/3 < d < (a + 2b)/3 
and p*(d)^0); 

if (/(d) > and /(a) > 0) or (/(d) < and /(a) < 0) 

then a, b := d, b { new bracket on right part of old } 
else a, b := a, d { new bracket on left part of old } 

fi 

od; 

x := a {x := b would also work here} 

end. 

For input natural n and polynomial p, the output is within 2~ n of some simple root of p. 
Further, for any simple root e of p, there is some implementation of the 'choose' operator 
which will give an output within 2~ n of e. Finally, the computation will diverge if, and 
only if, p has no simple roots. 

This computation is both many-valued and approximating. 
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5 Countably- many- valued functions; Continuity of WhileCC* 
computable functions 

In this section we discuss the continuity of countably-many-valued functions, and then 
prove that the countably-many-valued functions computed by WhileCC* programs are 
continuous. 

5.1 Topology and continuity with countably many values and 'f 

Recall Notation 3.2.1. 

Definition 5.1.1 (Totality). The function / : X =4 Y is said to be total if for all 
x E X, f(x) is a non-empty subset of Y, i.e., if / : X =4 + Y. 

Our semantic functions (in Section 6) will typically be of the form 

$ : A u =4 + A v l (1) 

Remark 5.1.2. We think of the "deterministic version" of (1) as being a total function 
$, where for each x G X, 3>(x) is a singleton, containing either an element of A v (to 
indicate convergence) or 'f (to indicate divergence). (Recall Remark 3.2.2.) 

We must now consider what it means for such a function (1) to be continuous. 

Definition 5.1.3 (Continuity). Let /: X =4 Y, where X and Y are topological spaces, 
(a) For any V C Y, 

r x [v] = df {xex | /Wny^}, 

i.e., x G iff at least one of the elements of f(x) lies in V. 

(6) f is continuous (w.r.t. X and Y) iff for all open V CY, is open in X. 

Remarks 5.1.4. (a) For metric spaces X and Y, Definition 5.1.3(6) becomes: 
/ : X =4 Y is continuous iff 

VaelVfeG /(a) Ve > 35 > Vx G B(a, 5) (f(x) n B(6, e) ^ 0). 

(6) Definition 5.1.3(6) reduces to the standard definition of continuity for total single- valued 
functions from X to Y. 

(c) It also reduces to the definition of continuity for partial single-valued functions (Defi- 
nition 2.5.1 and Remark 2.7.2(a)), as we will see below (Remark 5.1.9). We must first see 
how to extend the topology on Y to that on Y^ (Definition 5.1.6 below). 

Definition 5.1.5. For two functions f:X^Y, g:X^Y, we define 

/ E 9 ^^df for all xeX, f(x) C g(x). 
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Definition 5.1.6 (Topology on Y T ). We extend the topology on Y to Y T (= Y U{ t }) 

by specifying that the only open set containing { f } is Y\ (So Y^ is a "one-point 
compactification" of Y .) 

Now, given a function / : X =4 YT, we define functions 

/ T : X =4 Y T 

and /" : X =4 Y 

by 

f\x) = f(x)U{U 
f-(x) = f(x)\U}. 

In other words, f' adds 'f to the set /(x) for each x G X and / _ removes 'f ' from 
every such set. This changes the semantics of / (see Remark 3.2.2), but not its continuity 
properties, as will be seen from the following technical lemma, which will be used in the 
proof of continuity of computable functions below (§5.2). 

Lemma 5.1.7. Let f : X =4 Y and g : X =4 + Y^ be any two functions such that 

f E g E / T , 

i.e., for all iGl, (7(2;) 7^ 0, and either g(x) = f(x) or g(x) = f(x) U { f }. Then 

/ is continuous •<==>- (7 is continuous. 

Proof: (=>•) Suppose / is continuous. We must show g is continuous. Let V be an open 
subset of Y T . We must show <7 _1 [Y] is open in X. There are two cases, according as | is 
in V or not. 

Case 1: | ^ Y, i.e., V C Y. Then Y is also open in Y (by definition of the topology on 
Y^). Hence / _1 [Y] is open in X, and hence 

g-^V] = {xeX \ g(x)nV 

= { x G X I /(x) n Y ^ } since | £ Y 

= 

is open in X. 

Case j G Y. Then V = Y 1> (by definition of the topology on Y^). Hence 

o _1 [Y] = ^ _1 [^ T ] = * (since is total), 

which is open in X. 
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(<=) Suppose g is continuous. We must show / is continuous. Let V be an open subset of 
Y. We must show / _1 [V] is open in X. Since V is also open in (by definition of the 
topology on Y^), g~ 1] \V] is open in X. Hence 

f-*[V] = {xex\f(x)nv^®} 

= { x G X | g(x) n V ^ } since f £ V 



is open in X. □ 



Corollary 5.1.8. Suppose f : X ^+ Y^ (i.e., f is total). Then 

f is continuous -<=>- /~ is continuous P is continuous. 



Proof: Apply Lemma 5.1.7 twice: once with / and /, and once with /- and p. □ 



Remark 5.1.9 (Justification of Remark 5.1.4(c)). Let / : X — >Y be a single- 
valued partial function. Define 



(a) f:X=tY by 

(b) /: X ^+ by 



{ f(x) } if x G dom(p 

otherwise 

{ f(x) } if x G dom(p 

{ t } otherwise. 



(We can view either / or / as "representing" / in the present context, cf. Remark 5.1.2.) 
Then 

/ is continuous (according to Def. 2.5.1) 
<i==> f is continuous (according to Def. 5.1.3) 
^=^> / is continuous (according to Def. 5.1.3) 

The equivalence of the continuity of / and / follows immediately from the definitions. 
The equivalence of the continuity of / and / follows from Lemma 5.1.7. 



Remark 5.1.10 (Comparison with W-continuity) . As in §2.7, we can consider 
another notion of continuity for functions / : X =4 Y by modifying Definition 5.1.3(6); 
namely, / is W-continuous iff for all open V CY, is open in dom(f). Note that 

Lemma 5.1.7, and the equivalences given in Remark 5.1.9, also hold for W-continuity. 

Lemma 5.1.11. Given f : X =4 Y\ extend it to f : X^ =4 Y^ by stipulating that 
/(f) = T- H f JS continuous and total, then f is continuous. 
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Proof: Let V be an open subset of . We must show is open in . There are 

two cases: 

Case 1: | ^ V, i.e., V C Y. Then / _1 [V] = which is open in X, and hence in 

Xl 

Case 2: j G V. Then F = (by definition of the topology on Y<). Hence 

= dom(f)U{n 

= X U { t } (since / is total) 

which is open in X* . □ 
Definition 5.1.12 (Composition). 

(a) Suppose / : X =4 Y and # : F =4 Z. We define g o f : X ^ Z by 

(6) Suppose an d ^ . y ^ ^T. We define # o / : X =4+ Z T by 

(gof)(x) = \J{g(y)\yef(x)nY} 
u {T | T e /(x) } 

Proposition 5.1.13 (Continuity of composition). 

(10) If / : X =4 V and (7 : Y =4 Z are continuous, then so is g o f : X =4 Z. 

(6 J If / : X =4 + and g : Y =4 + Z^ are continuous, then so is g o f : X =4 + Z* . 
Proof: (a) Just note that for W C Z, 

(6) We give two proofs: (i) Note that 

{go /)- = <r°r : X =4 Z 

and use part (a) and Corollary 5.1.8. 

(11) Note that for W C Z\ 

(in the notation of Lemma 5.1.11), and apply Lemma 5.1.11. □ 
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Definition 5.1.14 (Union of functions). Let /$ : X =4 be a family of functions 
for iei. Suppose for all x e X, \J ieI fi(x) is countable. Then we define 

U fi- x =* Y] 

iei 

by 

(U/OO*) = U 

Lemma 5.1.15. If /j : X =4 is continuous for all iei, then so is \_\ ieI fi- 
Proof: This follows from the fact that for V CY^ , 

i6/ iei 

Remark 5.1.16. Note that all the results of this subsection (5.1) hold for arbitrary 
multivalued functions / : X — > V(Y), not necessarily countably- many- valued. 

5.2 Continuity of WhileCC computable functions 

Let A be an N-standard topological Z'-algebra. 

In order to prove that WhileCC* procedures on A are continuous, we first state 
and prove a lemma which says that such procedures are (almost) equivalent to While 
procedures (without 'choose') in an extended signature, which includes a symbol f for an 
"oracle function". Then we apply Lemma 5.1.7. 

Lemma 5.2.1 (Oracle equivalence lemma). Given a WhileCC (S) statement S, 
and procedure 

P = func in a out b aux c begin S end, 

we can effectively construct a While(S^) statement Sf and procedure 

Pf = func in a out b aux c begin Sf end 

in a signature Sf which extends U by a function symbol f : nat — > nat, such that, putting 

Pu = d f U Pf> 

feT 

where JF = N N is the set of all functions f : N — > N and Pf is the interpretation of Pf 
in A formed by interpreting f as /, we have 

P A E Pu E (P A ) T . (1) 
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(Recall Definitions 5.1.14 and 5.1.5, and the definition of P A : A u ^+ A v ^ in §3.2(0).) 

Proof: Intuitively, f represents a possible implementation of the 'choose' operator: f(n) 
is a possible value for the nth call of this operator in any particular implementation of P. 
We will then take the union of the interpretations over all such possible implementations. 

In more detail: the construction of Sf from S is as follows. Let c be a new "counter" , 
i.e., an auxiliary variable of sort nat which is not in S. First, it is clear that by "splitting 
up" assignments in S, and introducing more auxiliary nat variables, we can re-write S in 
such a way that every occurrence of the 'choose' construct is in the context of an assignment 
of the form 

z := choose z : b. (2) 

where the boolean term b does not contain the 'choose' construct. Now replace each 
assignment of the form (2) by the pair of assignments 

c := c + 1; 

if 6(z/f(c)) then z' := f(c) else div 

and initialise the value of c (at the beginning of the statement) to 0. The result is a 
While* (Sf) procedure Pf with a body Sf which, for a given interpretation / of f, "in- 
terprets" successive executions of 'choose' by successive values of /, when this is possible 
(i.e., 6(z//(c)) has tt as one of its values), and otherwise, causes the execution to diverge. 

For those / which (for a given input) always give "good" values for all the successive 
executions of 'choose' assignments (2) in S, P A will give a possible implementation of 
P. For all other /, P A will diverge. Since (for a given input) each P A either simulates 
one possible implementation of successive executions of 'choose' in S or diverges, their 
"union" P A gives the result of all possible implementations of 'choose', plus divergence; 
hence the conclusion (1). □ 

Theorem 5.2.2. Let 

P = func in a out b aux c begin S end (3) 

be a WhileCC procedure, where a : u and b : v. Then the interpretation 

p A . A u ^+ A v]- 

is continuous. 

Proof: In the notation of the Oracle Equivalence Lemma (5.2.1): P A is continuous for 
all / e J-, by the continuity theorem for While [TZ00, §6.5]. Hence P A is continuous, 
by Lemma 5.1.15. Hence, by (1) and Lemma 5.1.7, so is P A . □ 

Remark 5.2.3. In the special case that P A is deterministic, i.e., single-valued: 

pA. A u_^ A v^ 

it follows by Remark 5.1.9 that P A is continuous according to our definition (2.5.1) of 
continuity for single- valued partial functions. 
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Corollary 5.2.4. A WhileCC* computable function on A is continuous. 

Proof: Such a function is WhileCC computable on A*, hence (by Theorem 5.2.2) con- 
tinuous on A*, and hence on A. □ 

5.3 Continuity of WhileCC* approximable functions 

Recall Defmiton 3.5.1 and §2.7. 

Theorem 5.3.1. Let A be a metric U-algebra, and let F: A u — ^ A v . 

(a) If F is WhileCC* approximable then F is W-continuous. 

(b) If also dom(F) is open in A u then F is continuous. 

Proof: Suppose F is approximable on A by the WhileCC* procedure P: nat x u — > v. 
We will show that F is W-continuous, using Remark 2.7.2(6). Given a G dom(F) and 
e > 0, choose N such that 

2~ N < e/3. (1) 

Then by Definition 3.5.1, 

? P*(a) C B(F(a), 2""). (2) 

Choose 6 G Pfi(a). By (2), 

d(F(a),b) < 2~ N . (3) 

By Corollary 5.2.3, P$ is continuous on A, and so by Remark 5.1.4(a), there exists 8 > 
such that 

Vx G B(a, 8), P${x) n B(6, e/3) ^ 0. (4) 
Take any x G B(a, <5) fl dom{F). By Definition 3.5.1 again, 

P£{x) C B(F(x), 2"^) (5) 

By (4), choose y G Pj^(x) fl B(b, e/3). So 

d(y,6) < e/3 (6) 

and by (5) 

d(F(x),y) < 2~ N . (7) 

Hence 

d(F(x),F(a)) < d(F(x),y) + d(y,b) + d(b,F(a)) 
< e 

by (7), (6), (3) and (1). Part (a) follows by Remark 2.7.2(6). 
Part (6) then follows by Proposition 2.7.1. □ 



44 



6 Concrete computability and the soundness of WhileCC* 
computation on countable algebras 

To compute on a metric algebra A using a concrete model of computation, we choose a 
countable subspace X of A and an enumeration 

a: N -> X. 

From this we build the space C a (X) of a-computable elements of A, and enumerate it 
with 

a: N -> C Q pT). 

In this section we step back from topological algebras and consider computability on arbi- 
trary countable algebras. We show that if an algebra A is enumerated and its basic functions 
are effective, then functions that are WhileCC* computable on A are also effective. This 
result is a key lemma in the ssoundness theorem for WhileCC* approximation in the next 
section. 

6.1 Enumerations and tracking functions for partial functions 

Let 

X = (X s \sE Sort(E)) 
be a Sort (Z')-indexed family of non-empty sets. 

Definition 6.1.1. An enumeration of X is a family 

a = (a s : Q s -» X s \ s G Sort(U)) 

of surjective maps a s : fi s -» X s , for some family 

O = (fi s | s g Sort(E)) 

of sets fi s C N. The family X is said to be enumerated by a. We say that a: O ^> X is an 
enumeration of X, and call the pair (X, a) an enumerated family of sets. (The notation 
'-»' denotes surjections, or onto mappings.) 

We also write fi s = Q S to make explicit the fact that O s = dom(a s ). 

Definition 6.1.2 (Tracking and strict tracking functions). We use the notation 

X u = X Sl x • • • x X Sm and Vt u a = fi a , Sl x • • • x O a , Sm , where u = si x • • • x s m . 
Let F:X U — +X S and ^O a , s , 

(a) / is a tracking function with respect to a, or a-tracking function, for F, if the 
following diagram commutes: 

X u ^ X s 



N m - r N 
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in the sense that for all fcefi^ 

F(a u (k))i f(k)l Af(k)en a , s AF(a u (k))=a s (f(k)). 

(b) f is a strict a-tracking function for F if in addition, for all fceO^ 

/(fcH =► *V(*)H- 

Here we use the notation a u (k) = (a Sl (k\), . . . , a Sm (k m )), where k = (ki, . . . , k m ). 
(We will sometimes drop the type super- and subscripts.) 

Definition 6.1.3 (a-computability). (a) Suppose A is a Sort(E) -family, and (X, a) 
an enumerated subfamily of A, i.e., X s C A s for all Z'-sorts s. Suppose F: A u — > A s 
and / : N m — + N, such that 



F \X U :X U —^X 



S ) 



and / f is a (strict) a-tracking function for F f X. We then say that / is a (strict) 
a-tracking function for F. 

(b) Suppose now further that / is a computable (i.e., recursive) partial function. Then F 
is said to be (strictly) a- computable. 



Remarks 6.1.4. (a) In the situation of Definition 6.1.3, we are not concerned with the 
behaviour of F off X u , or the behaviour of / off Q l c 



r. 



(b) For convenience, we will always assume: 

^ a ,bool = {0, 1}, abool(0)=ff, a boo |(l)=tt 
and also (when £ is N-standard): 

^a,nat = N and ctnat is the identity on N. 

Assume now that A is a U-algebra and (X, a) is a Sort (Z')-family of subsets of A, 
enumerated by a. 

Definition 6.1.5 (Enumerated Z'-subalgebra). (X, a) is said to be an enumerated 
U-subalgebra of A if X is a I7-subalgebra of A. 

Definition 6.1.6 (Z'-effective subalgebra). Suppose A is a Z'-algebra and (X, a) is 
an enumerated 17-subalgebra. Then a is said to be 

(a) E- effective if all the basic ^-functions on A are ct-computable; and 

(b) strictly E-effective if all the basic Z'-functions on A are strictly a-computable. 
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6.2 Soundness Theorem for surjective enumerations 

For the rest of this section we will be considering the special case of §6.1 in which the 
enumerated subalgebra X is A itself, i.e., we assume the enumeration is onto A. To 
emphasise this special situation, we will denote the enumeration by 

p-.Qp -» A, 

so that (A, (3) is our enumerated E -algebra. 

Given such an enumerated algebra (A, (3) and a function 

F: A u — ■» A s , 

we have two notions of computability for F: 

(i) abstract, i.e., WhileCC* computability, as described in Section 3; and 

(ii) concrete, i.e., /3-computability, as in Definition 6.1.3, in the special case that X = A. 

We will prove a soundness theorem (Theorem Ao), for these notions of abstract and 
concrete computability, i.e., (i)=>(ii), assuming strict effectiveness of (3. 

A more general soundness theorem (Theorem A) , with more general notions of abstract 
computability (WhileCC* approximability) and concrete computability (computability 
w.r.t. the computable closure of an enumeration), will be proved in Section 7. 

Theorem A (Soundness for countable algebras). Let (A, fi) be an enumerated 
N-standard U -algebra such that [3 is strictly U -effective. If F : A u — > A s is WhileCC* 
computable on A, then F is strictly /3-computable on A. 

6.3 Proof of Soundness Theorem A 

Assume, then, that (A, (3) is an enumerated N-standard 17-algebra and (3 is strictly in- 
effective. 

We will show that each of the semantic functions listed in §3.2(a)-(g f ) has a computable 
tracking function. More precisely, we will work, not with the semantic functions themselves, 
but "localised" functions representing them (cf. [TZOO, §4]). 

First we will prove a series of results of the form: 
Lemma Scheme 6.3.1. For each semantic representing function 

$ : A u ^+ A v ^ 

representing one of the semantic functions listed in §3.2(a)-(g), there is a computable 
tracking function w.r.t. (3, i.e., a function 

which commutes the diagram 
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(3 V 



QU 



in the sense that for all k,l G O^: 



/T(/) G *(/?"(*))> 
T g *(/*"(*))• 



Remarks 6.3.2. (a) Here </? is a combination "strict tracking function" and "selection 
function". We can think of ip as giving one possible implementation of (Compare the 
representative functions for various semantic functions in [TZOO, §4].) 

(b) We are not concerned with the behaviour of (p on N m \0^ (where m = arity(it)). (Cf. 
Remark 6.1.4(a).) 

Theorem Ao then follows easily (§6.5) from this lemma scheme. 

Proof of Lemma Scheme 6.3.1: We proceed to prove this lemma scheme by con- 
structing concrete strict tracking functions for the semantic functions in §3.2. 

Let x be a w-tuple of variables, where u = s\ x • • • x s m . Let PTerm x = PTerm x (E) 
be the class of all Z'-terms with variables among x only, and for all sorts s of let 
PTerm xs = PTerm XiS (£) be the class of such terms of sort s. 

We consider in turn the semantic functions in §3.2, or rather versions of these localised 
to x, i.e., defined only in terms of the state values on x (cf. [TZOO, §4]). For example, we 
localise the set State(A) of states on A to the set 

State x (A) = df A u 

of w-tuples of elements of A, where a tuple a G A u represents a state a (relative to x) if 
cr[x] = a. The set A u is, in turn, represented (relative to 0) by the set O^. 

We assume an effective coding, or Godel numbering, of the syntax of S. We use the 
notation 

r PTerm s n = df { r t n | t G PTerm s }, 
etc., for sets of Godel numbers of syntactic expressions. 

(a) Tracking of term evaluation. 

The function 

PTE$ S : PTerm X)S x State x (A) ^+ A S T 
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defined by 

PTE$ a (t,a) = {t] A a 
for any state a on A such that cr[x] = a, is strictly tracked by a computable function 

pte A J: r PTerm x ^xQ u p — ^ fi^ 

so that the following diagram commutes: 

PTE xs 

P Term XyS x State x ( A) ' z£+ A a T 

(enum, j3 u ) f3 s 

(where enum is the inverse of the Godel numbering function), in the sense that 

pte^(rr,k)ll =► G PTE A 8 (t, p u (k)), 

pte^/(T,fc)t =► t ^ PTE A 8 (t, (3 u (k)). 

In order to construct such a representing function, we first define the state variant repre- 
senting function, i.e., a (primitive) recursive function 

vart x : ^ x r Var s n x — > fyg >a 

such that 

(3 u (vart^(k, r y n , fco)) = y//3 s (fc ) }• 

for G O^, y G Var s and k G 0^ (c/. Definition 3.2.3(6)). 

We turn to the definition of pte^'s ( r V, k). This is by induction on r t n , or structural 
induction on t G PTerm x , over all Z'-sorts s. The cases are: 

• t = c, a primitive constant. Then define 

pte A f( r t n ,k) = k where (3(k ) = c A . 

(Such a k exists by the strict Z'-efiectivity of (3). 

• t = Xj for some z = 1, . . . , m, where x = xi, . . . , x m . Note that fc = (fci, . . . , fc m ) G 
O^. So define 

• £ = . . . , t m ). Let / be a computable strict tracking function for F, which exists 
by the strict Z'-efiectivity of (3. Then define 

ptetf(<V,k) ~ /(p*e^ i rtr,/ C ),...,pte^ m rt m ^/ C ))). 
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From the induction hypothesis applied to ti, . . . , t m , the definition of PTE (§3. 2(a)) 
and the fact that / strictly tracks F, we can infer (1) for t. 

• t = if(6, t l7 t 2 )- Define 

r ptetfituk) if P*e^ oo| (M)jl 
ptetf(t,k) ~ | pte^(t 2 ,k) if P^ oo ,(M)|0 

From the induction hypothesis applied to 6, to an d ti, and the definition of PTE, 
we can infer (1) for t. 

• t = (choose z : to)- We define ptex,'s( r t~ [ , k) by specifying its computation: find, 
by dovetailing (recall the discussion in §4.1!) some n such that 

pte^(V, vart x (k^n)) | 1 

(remember, (3(1) = tt, by Remark 6.1.4(6)), so that pte^'s ( r t n , k) = some such n, 
if it exists, and | otherwise. From the induction hypothesis applied to t , and the 
definition of PTE, we can infer (1) for t. 

(b) Tracking of atomic statement evaluation. 

Let AtSt x be the class of atomic statements with variables among x only. The atomic 
statement evaluation function on A localised to x, 

AE$ : AtSt x x State x (A) ^+ State x (A)\ 

defined by 

AE*(S,a) = 

for any state a such that cr[x] = a, is strictly tracked by a computable function 

ae^ : r AtSt^ xO^ii; 
so that the following diagram commutes: 



AtSt x x State x (A) ±+ State X (A)1 



AE X 



{enum, (3 h 



I3 U 



aef'' 



• X 



in the sense that 

ae^fS^k)ll /?(/) G AEi(S,P(k)), 

ae^(rsr,k)^ =► T G AEi(S,P(k)). 



(2) 
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The definition of ae.'Y^ 1 , k) is given by: 

ae^( r skip n , k) | k 
ae^fdiv -1 , k) ] 

ae^(r Y . = r k) f *0 if pte^(s^ k) | I 

\t if pte^/(T,fc) T- 

Using (1) and the definition of A-E^ (§3.2(6)), we can infer (2). 
(c) Tracking of First and i?es£ operations. 

Let Stmt x be the class of statements with variables among x only. Consider the functions 
First and Rest A (§3. 2(c)). Then First is strictly tracked by a computable function 



first : r Stmt 1 



AtSt 



defined on Godel numbers in the obvious way, so that the following diagram commutes: 

First 



Stmt 



AtSt 



en/urn 



enum 



Stmt 



first 



AtSt 



(Note that first, unlike most of the other representing functions here, does not depend 
on State X (A), or, indeed, on A or x.) Next, the localised version of Rest A : 



Rest A : Stmt x x State x (A) =4 + Stmt, 



defined by 



Rest A (S,a) = Rest A (S,a) 
for any state a such that cr[x] = a, is strictly tracked by a computable function 

rest A ' : r Stmt x ~ 1 xO^ r Stmt x ~ 1 

so that the following diagram commutes: 

Rest A 

Stmt x x State x ( A) =£ + Stmt x 



(enum, j3 u ) 



enum 



r Stmt x ~ 1 x Vt u p 



rest., 



r Stmt x ^ 
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in the sense that 

rest^ ( r S n , k) | r S' n ==>■ S' G #est A (S, 0(h)), 

rest*'* 3 ( r 5 n ,A;)t =>■ div G Rest A (S, P{k)) " j 

The definition of rest^ ' ( r S~ l , k), as well as the proof of (3), are by induction on r S~ i , 
or structural induction on S. 

• S is atomic. Then 

rest£ { r S^, k) = r skip n . 

• S = Si; Then 



rest£' ( r S^, k) = 



r 5 , 2~ l if Si is atomic 



r restx ^(Si, k); 5 , 2~ l otherwise 
• S = if b then Si else S 2 fi. Then 

r S i- if pte^ |>a (6,fc)il 
rest£>(<Sr,k) ~ <( r S 2 n if Pte^ s (b, k) j 



t ^ P*e££ |>a (&,A0T. 



• 5 = while 6 do S od. Then 



So; S if pte££| >s (M) 1 1, 
rest^(S,k) ~ <( skip if P*e^ o|s (M)j 0, 

(d) Tracking of a computation step. 

The computation step function (§3. 2(d)) localised to x: 

CompStepx ■ Stmt x x State x (A) =4 + State X (A) T 

defined by 



CompStepx(S,a) = CompStep A (S, a) 
for any state a such that cr[x] = a, is represented by the computable function 

compstep^ 3 : r Stmt^ xO^^ 

defined by 

compstep^{ r S^,k) ~ ae£' {first{ r S^) , k). 
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This makes the following diagram commute: 



Stmt x x State x (A) 



Compstep^ 



£+ State x ( AY 



( enurn. (3 U ) 



•u 



r Struts x O 



u 




compstep ^ 



in the sense that 



compstep^ ( r S n , fc) | / =^ /3(Z) G CompStep^ (S, /3(k)), 
compstep^ 13 ( r S n , k) t =>- | G CompStep^ (S, (3(k). 



(4) 



This is proved easily from the definitions and (2). 
(e) Tracking of a computation sequence. 

Now consider localised versions of the computation tree stage and computation tree of 



CompTreeStage^ : Stmt x x State x (A) xff ^ V ((State ^A^)^) 
CompTree^ : Stmt x x State x ( A) -> V '({State X (A) T )^) 

We will define a function which selects a path through the computation tree: 

compseq^ : r StmtyP xft^N — + Q u U { r * n } 

(where V is a symbol meaning "already terminated") by recursion on n: 

compseq^ () ( r S^, k, 0) = e 
compseq^' 13 ( r S~* , k, n + 1) ~ 

' r * n if S 1 is atomic and n > and compseq^' 13 ( r S n , k, n) 1 

t if S is atomic and n > and compseq^ 13 ( r , k, n) j 



(This is a "tail recursion": compare definition of Compf in [TZ00, §3.4].) 

Writing k n = compseq^' ( r k,n), this defines a (concrete) computation sequence 



for S 1 from the initial state k = ko. (Our notation here includes the possibility that some 
of the ki may be r * n or f .) As can easily be checked, there are three possibilities for e 
(compare the discussion in §3. 2(e)): 



§3.2.(e): 



compseq^' 13 (rest^' 13 ( r S n , k), compstep 
otherwise. 



fe = fe , fei, fe : 
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(i) For some n, h G for all i < n and h = * for all i > n. This represents a 
computation which terminates at stage n, with final state k n . 

(ii) For some n, fe; G for all i < n and ki = f for all z > n. This represents a 
non-terminating computation, with /oca/ divergence at stage n. 

(m) For all z, fcj G O^. This represents non-terminating computation, with global diver- 
gence. 

We write k[n] = the initial segment h, k\, . . . , k n , with length lgth(k[n]) = n + 1. We 
put lgth(k) = oo. The fcj are called components of fc, and of fe[n], for all i < n. 

The computation sequence then has the following connection with the computation 
tree CompTree^. Extend (for now) the definition of (3 by /3( r * n ) = *, /9(f) = f, and 

= d/ P(k ), (3(h), p(k 2 ), ... 
/3(^N) =df f3(ko), /3(h), /3(k 2 ), (3(k n ). 

Let r = CompTree^(5, (3(k)). Then 

(z) If the computation sequence terminates at stage n, then (3(k[n\) is a path through 
t from the root to a leaf (= (3(h), the final state). 

(ii) If for some (smallest) n, k n = f, then (3(k[n\) is a path through r from the root to 
a leaf (= f, local divergence). 

(iii) If for all n, /c n G O^, then /3(fc) is an infinite path through r (global divergence). 

To prove this, we first define an initial segment of k (including k itself) to be acceptable 
if (i) no component is equal to and (ii) no component, except possibly the last, is 
equal to f- Further, an acceptable initial segment of k is maximal (acceptable) if it has 
no acceptable extension. Thus if k is acceptable, it is automatically maximal. If k[n] is 
acceptable, it is maximal acceptable provided either k n+ i = * or k n = ]. We then show: 

Lemma 6.3.3. Given a computation sequence k = h, h, . . . for r 5 n from k, where k n = 
compseq^' 13 ( r S n , k, n), let r = CompTree^(S, (3(k)). Then with every acceptable 
initial segment k[n] of k, (3(k[n\) is a path through r from the root. If k[n] is maximal, 
then (3(h) is a leaf. 

Proof: Put r[n] = CompTreeStage^(S, (3(h), n). The proof is by induction on n, 
comparing the inductive definitions of h and r[n]. 

Basis: n = 0. This is immediate from the definitions: k = k, and r[0] = { (3(h) }. 

Induction step: Assume the induction hypothesis holds for the initial segment of length n 
of the computation sequence for r S' n from h, where 

S' = rest^( r S n , (3(k)), 

e\ = compseq^ ' 13 ( r S n , k, 1) 

~ compseq^^rest^^S^^), compstep^ ( r S^,k), 0) 

~ compstep^'^C S n ,e) 
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i.e., assume the induction hypothesis for the segment / of length n: 

lo, h-, h, ■ ■ ■ ,ln 

where li = e^+i (i = 1, . . . , n). Now apply the inductive definitions for compseq^ 13 ( r S^, 
fe, n + 1) (above) and CompTreeStage x (S, /?(fe), n+1) (§3. 2(e)), and use (3) and (4). 

(f) Tracking of statement evaluation. 

First we need a constructive computation length function 

complengthx ' 13 : r Stmt x ~ 1 x — + N 

by (c/. [TZOO, §3.4]) 

complength x p ( r S~ l , fe) ~ [in\compseq x ' /3 ( r 5'" 1 , fe, n+ 1) J. *] 

i.e., the least n (if it exists) such that for all i < n, compseq x (^S^, fe, i) [ ^ * and 
compseqx ' 13 ( r S n , fe, n + 1) J, *. 

Thus complengthx ' ( r S n , fe) is undefined (f) in the case of local or global divergence 
of the computation sequence for r 5 n from fe. 

Now the statement evaluation function (§3.2(/)) localised to x: 
SE$ : Stmt x x State x (A) ^+ 5tate x (A) T 

defined by 

SE*(S, a) = lSj A (a) 
for any state a such that cr[x] = a, is strictly tracked by the computable function 

se^ : r Struts xO^ — + 

defined by 

se x A ' 3 ( r 5 n , fe) ~ compaeq^fS' 1 , fe, complength^( r S n , fe)). 
This makes the following diagram commute: 



Stmt x x State X (A) ± + State X (A)1 



SE X 



( enurn. f3 u ) 



(3 U 



r Struts x ' T — — fi« 



' X 



in the sense that 

se ^( r ^,fe)|/ =► 0(1) e SE*(S,p(k))> 
se^r^fe)! =► T G SE* {S, /3(k))- 
This result is clear from the definition of complength and Lemma 6.3.1. 



(5) 



55 



(g) Tracking of procedure evaluation. 

For a specific triple of lists of variables a : u, b : v, c : w, let Pr*oc a b,c be the class of all 
WhileCC* procedures of type u — > v, with declaration 'in a out b aux c'. The procedure 
evaluation function (§3. 2(g)) localised to this declaration: 

PE^ C : Proc & ^ c xA u ^+ A v1 < 

defined by 

P< b , c (P, a) = P A (a), 
is strictly tracked by the computable function 

pe A £ c : rproc^xQ^ Q£ 
defined by the following algorithm. Let P G Proc a ,b,c; say 

P = proc in a out b aux c begin £ end 
and let ko G O^. Take any ki G and ki G (The choice of ki and /c2 is irrelevant, 
by Remark 3.2.4.) Put k = ko,ki,k2 and put x = a, b, c. Compute se A ' /3 ( r 5' _l , k). 
Suppose this converges to / = /c/1,/2, where Zo G ftp, h G and I2 G O^. Then we 
define pe A '^ c ( r P n , &o) | /1. The following diagram then commutes: 

Proc^ c X A u PE a,b,c ^.+ ^1 



{ enuni. f3 u ) 



(3 V 



in the sense that 



P e a,b,c 



(6) 



Vetlc ( r P^ k) T =► T G Pi?£ b)C (P, flfc)). 
This is proved from (5) and the definitions of PE and pe. 
This concludes the proof of Lemma Scheme 6.3.1. □ 

Proof of Theorem Ao (conclusion): Suppose F : A u — > A s is WhileCC* com- 
putable on A. Then there is a deterministic WhileCC* procedure (Definitions 3.2.5/6) 

P: u — > s 

such that for all a G A u , 

F(x) I y P A (x) = {y}, 

T =► P A (x) = {T}. 
Hence by (g) (above) there is a computable (partial) function 

/: Vfp — > Qp iS 
which strictly tracks F, as required. □ 
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7 Soundness of WhileCC* approximation 

In this section we address the general situation introduced in §6.2, of a partial metric 
17-algebra A with an enumerated subalgebra (X, a) , and prove a more general soundness 
theorem (Theorem A) for WhileCC* approximation. 

7.1 Enumerated subspace of metric algebra; Computational closure 

Let A be an N-standard metric I7-algebra, and (X, a) an enumerated Sort(U) -family 
{(X s ,a) | s G Sort(U)) of subsets X s C A s (sG Sort(U)). Each X s can be viewed as 
a metric subspace of the metric space A s . We call (X, a) a Sort(E)- enumerated (metric) 
subspace of A. 

We define from (X, a) a family 

C a (X) = (C a (X) s | s G Sort(S)) 

of sets C ce (X) s of a-computable elements of A s , i.e., limits in A s of effectively convergent 
Cauchy sequences (to be defined below) of elements of X s , so that 

X s C C Q (X) S C A 8 , 

with corresponding enumerations 

a s : 0a jS ^> C Q (X) S . 

Writing a = (a s \ s £ Sort(E)), we call the enumerated subspace (C a (X), a) the com- 
putable closure of (X, a) in A. 

We will generally be interested in (strictly) a-computable (rather than ct-computable) 
functions on A (cf. Definition 6.1.3), as our more general model of concrete computability 
on A. 

The sets 3]S C N consist of codes for C a (X) s (w.r.t. a), i.e., pairs of numbers 
c = (e, to) where 

(i) e is an index for a total recursive function defining a sequence a o {e} in X s , i.e., 
the sequence 

a.({e}(0)), a s ({e}(l)), a.({e}(2)), ... , (1) 

of elements of X s , 
(u) to is an index for a modulus of convergence for this sequence: 

Vfc, / > {m}(n) : d l (a({e}(fc)), a({e}(/))) < 2"". (2) 

For any such code c = (e, to) G 57 s (c) is defined as the limit in A s of the Cauchy 

sequence (1), and C a (X) s is the range of a s : 

X s C C a (X) s C A 



Q!, 



a. 
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Remark 7.1.1. We may assume, when convenient, that the modulus of convergence for 
a given code is the identity, i.e., replace (2) by the simpler condition 

Vfc, / > n : di(a({e}(k)), «({e}(/))) < 2~ n . 

or, equivalent ly, 

Vfc > n : di(a({e}(fc)), a({e}(ra))) < 2" n . (3) 

This is because any code c = (e, m) satisfying (2) may be effectively replaced by a code 
for the same element of C a (X) s satisfying (3), namely c' = (e',mi), where mi is a 
standard code for the identity function on N, and e' = comp(e,m), where comp(x,y) is 
a primitive recursive function for "composition" of (indices of) computable functions, i.e., 
{ comp(e, m) }(x) ~ { e }({ m }(#))• 

In case of a code c = (e, mi) satisfying (3), the sequence (1) is called a fast (a-effective) 
Cauchy sequence. In such a case we will often, for simplicity, refer to e itself as the "code", 
and the argument of a s . In this way we will shift between "c-codes" and "e-codes" as 
convenient. 

Remark 7.1.2. In the case s = nat, we can simply take Oa,nat = ^a,nat = N, and o7 na t 
and «nat as the identity mappings on N. Similarly, in the case s = bool, we can take 
bool = bool = { 0, 1 }, with 57(0) = a(0) = ff and 57(1) = a(l) = tt. (Cf. Remark 
6.1.3(6).) 

Remark 7.1.3 (Closure of a-computability operation). The subspace (C a (X), a) 
is "computationally closed in A" , in the sense that the limit of a (fast) o7-effective Cauchy 
sequence of elements of C a (X) is again in C a (X), i.e., Ca(C a (X)) = C a (X). (Easy 
exercise.) 

Remark 7.1.4. We will usually assume that O ajS is decidable, in fact, that O a;S = N 
for all sorts s, which is typical in practice, unlike the case for O^. (See the following 
Example.) 

Example 7.1.5 (Constructible reals). The best known nontrivial example of an enu- 
merated subspace (X, a), and its extension to a subspace of a-computable elements, is the 
following. Let A be the metric algebra 1Z of reals (Example 2.6.1), with signature S. Let 
X rea | be the set of rationals Qcl, let Qire al = N and let 

"real = N -> Q 

be a canonical enumeration of Q. Then C Q (Q) =df C Q (X) rea | C R is the subspace of 
recursive or constructible reals. Note that it is a subfield of R, and hence C a (X) is 
a subalgebra of 71. Further, it is easily verified that a is strictly 2?(7£)-effective. (Cf. 
Definition 6.1.6.) Note that Qj real = N, unlike n„ rea |, which, by contrast, is non- 
recursive. (See the previous Remark.) 
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Remark 7.1.6 (Extension of enumeration to A*). Given an enumeration a of a 
Z'-subspace X of A, we can extend this canonically to an enumeration a* of a Z^-subspace 
X* of A* . (Easy exercise.) This in turn generates an enumeration a* of a I7*-subspace 
C a (X)* of ct*-computable elements of A*. It is easy to see that 

(i) if C a (X) is an Z'-subalgebra of A, then C a (X)* is a I7*-subalgebra of A*; 

(ii) if a is (strictly) Z'-effective, then a* is (strictly) Z^-effective. 

We will usually use this extension (of (X, a) and (C Q (X), a 7 )) to A* implicitly, i.e., writing 
'a' instead of 'a*' etc. 

7.2 Soundness Theorem for effective numberings 

We now prove the first main theorem mentioned in the Introduction. 

Theorem A (Soundness). Let A be an N-standard metric £ -algebra, and (X, a) 
an enumerated Sort(U)-subspace. Suppose the enumerated Sort (U) -space (C Q (X), a) 
of a-computable elements of A is a E-subalgebra of A, and a is strictly E-effective. If 
F : A u — > A s is WhileCC*-approximable on A, then F is a-computable on A. 

Proof: The proof uses the Soundness Theorem A (Section 6), or rather the Lemma 
Scheme 6.4.1 (specifically, part (g) of the proof) applied to the enumerated subalgebra 
(C a (X), a 7 ) in place of (A, (3). 

So suppose F : A u — > A s is effectively uniformly WhileCC* approximable on A. 
Then there is a WhileCC* (U) procedure 

P : nat x u — > s 

such that for all nGi and all x G dom(F): 

T i pA(x) C B(F(x), 2~ n ). (1) 

(see Definition 3.5.1). By §6. 4(g) (applied to (C a (X), a) in place of (A,f3)) there is a 
computable function 

which tracks P A strictly, in the sense that for all n G N, e G and e' G (and 
writing f n = f(n, •)): 

fn(e)ie' =► a(e') G J* 1 (a(e)), 
/„(c) T T G P n A (a(e)). 

We will show how to define a partial recursive ct-tracking function 

for F as follows. 
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Given any e G O^, suppose 57(e) G dom(F), i.e., 

F(a(e)) I G A s . (3) 
We must show how to define an a>tracking function g for F, i.e., such that 

^(e) G Oa, s and a(^(e)) = F(a(e)). (4) 

By (1), for all n 

T i P^(e)) C B(F(5(e)), 2"»). (5) 

Hence by (2), for all n 

/n(e) | G 0„ )S (6a) 

and 

a(/„(e)) G P n A (a(e)). (66) 
and so by (6a) we may assume (by definition of 0^) that for all n 

a o {/ n (e)} is a fast Cauchy sequence, with limit a(f n (e)). (7) 

Also by (66) and (5), 

d(a(/„(e)), F(a(e))) < 2"". (8) 
Now let e' be a "canonical" index for the (partial) function 

{e'} : n ~ {/„(e)}(n) (9) 

obtained uniformly effectively in e. So {e'} is the "diagonal" function formed from the 
sequence of functions with indices / n (e). Consider the sequence ct s o {e'}, i.e., 

a.({e'}(0)), a s ({e'}(l)), a 8 ({e'}(2)), (10) 

Claim: (10) is a Cauchy sequence in A s , with modulus of convergence Xn(n + 2). 
Proof of claim: For any n and k > n: 

d(a({e'}(fc)), a({e'}(n)) 
= d(a({f k (e)}(k), a({f n (e)}(n)) by def. (9) of e' 

< d(a({f k (e)}(k)), a(f k (e))) + d(a(f k (e)), a(/„(e))) + d(a(/„(e)), a({/ n (e)}(n))) 
= di + d 2 + d 3 (say) 



where 



di < 2" fc , 
d 3 < 2—, 
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by (7), and 



d 2 < d(a(/ fc (e)), F(a(e))) + d(F(a(e)), a(/„(e))) 



< 2 " fc + 2" n 



by (8). Therefore 

d(a({e'}(fc)), «({e'}(n)) < di + d 2 + d 3 

< 2-2~ k + 2-2~ n 

< 2~ n+2 . 

This proves the claim. □ 

Further, by the method of Remark 7.1.1 (composing {e'} with the modulus of conver- 
gence), we can replace the index e' by an e-code e" for a fast Cauchy sequence: 

{e"}(n) ~ {e'}(n + 2). (11) 

Then we define 

9(e) = e". (12) 

We show that g is an a-tracking function for F, i.e., (assuming (3)) we show (4). Since 
a o {e"} is a fast Cauchy sequence, with the same limit in A (if it exists) as a o {e'} (by 
its definition (11)), to prove (4) it is enough to show (by (12)) that 

a({e'}(n)) -> F(a(e)) as n -»• oo. (13) 

This follows since 

d(«({e / }(n), F(a(e))) = d(a({/ n (e)}(n)), F(a(e))) by def. (9) of e' 

< d(a({/ n (e)}(n)), a(/„(e))) + d(a(/ n (e)), F(a(e))) 

< 2 " n + 2" n by (7) and (8) 
= 2~ n+1 

proving (13). □ 

Remark 7.2.1. A deterministic version of Theorem A (i.e., without 'choose') was proved 
in [Ste98]. 
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8 Interpretation of concrete in abstract model: Adequacy of 
WhileCC* approximation 

8.1 Adequacy Theorem 

In this section we will prove Theorem B, a converse to the result of the previous section. 
Assume that A is an N-standard metric 17-algebra, and (X, a) an enumerated Z'-subspace, 
with a-computable closure (C a (X), a). 

Note that we are not assuming in this section that C a (X) is a subalgebra of A, or even 
that a is Z'-effective. 

Before stating the theorem, we need a definition. 

Definition 8.1.1 (a-effective local uniform continuity). A partial function F : 

A u — > A s is effectively locally uniformly continuous (with respect to a) if there is a 
recursive sequence 

{k ,l ), (fci,Zi), (fejfe), ••• 

of pairs of naturals such that 

oo 

dom(F) C \jB u (a(ki), 2~ h ) 

and there is a total recursive function LUp : N 2 — > N (a modulus of local uniform 
continuity for F) such that for all i, all x,y E B u (ct(/cj), 2~ Zi ) fl dom{F), and all n: 

d u (x,y) < 2" LU ^ =► d,(F(x),F(y)) < 2~ n . 

Here B u (a, 5) is the open ball in A u with centre a and radius 5. (Recall the definition 
(2.6.3) of the product metric d u on A u .). 

Example 8.1.2. This phenomenon typically occurs in the situation where A is a countable 
union of neighbourhoods with compact closure; for example, in the algebra 1Z P of reals, M. 
is the union of the neighbourhoods (—k, k) for k = 1, 2, . . . . Then a continuous function 
F on A will be uniformly continuous on each of these neighbourhoods. 

We are now ready for the theorem. 

Theorem B (Adequacy). Let A be an N-standard metric S-algebra, (X, a) an enumer- 
ated Sort(S)-subspace, and (C a (X), a) the Sort(£)-subspace of a-computable elements 
of A. Suppose that for all £ -sorts s: 

(i) X s is dense in A s , and 

(ii) a s : N — > A s is WhileCC* -computable on A. 
Let F : A u — > A s be a function on A such that 
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(Hi) F is effectively locally uniformly continuous w.r.t. a, and 
(iv ) dom(F) is open. 

If F is strictly a-comput able on A, then F is WhileCC* approximable on A. 

Note the extra condition in Theorem B (apart from assumptions (i)-(w)), that F be 
strictly a-computable. 

Remark 8.1.3. From the proof of the theorem, it will be apparent that only sorts s in 
the domain of F have to satisfy condition (i), and only sorts s in the domain or range of 
F have to satisfy condition (ii). 

The proof uses the following notation. 

Notation 8.1.4. For any k e N, let e con [ fc ] be a canonical index for the constant 
function on N with constant value k, i.e., for all tiGN, 

{e CO n[fc]}(» = k. 

Note that e CO n[fc] £ and 

a(e C on[A;]) = ct(k). 
8.2 Proof of Theorem B: Overview 

As an aid to the reader, we first give an informal overview of the proof of Theorem B. 
(See Figure 3.) 




Figure 3 
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Given the assumptions (i) — > (iv) of Theorem B, suppose F : A u — > A s is strictly 
a-computable by / : — >$la, s - (In Figure 3, we represent / as mapping to Q S , 
rather than mapping to Oq )S , as a useful approximation, as we will see.) We must 
describe a WhileCC* procedure which approximates F on A. 

Let x E A u . Suppose F{x) [ y. By the density of X = ran(a u ) in A u , and by the 
openness of dom(F), for each n we can find (using the 'choose' operator, as well as the 
WhileCC* computability of a) an element /c n ofO^ such that x n =df ot u (k n ) e dom(F), 
and also d(x n ,x) < 2~ n . 

Now compute an element l n of which is a close approximation to f(k n ), or rather 
to /( e con[fc„])- More precisely, let e' n —df /(e CO n[fc„]) 5 and let l n —df {e' n }(n). Then 
d{a{l n ),a(<)) < 2" n - Put y n = a(l n ). 

We must now check that the mapping (x,n) h- > y n defined above is WhileCC* 
computable, and approximates F. By effective local uniform continuity of F, since (x n ) n 
is a fast Cauchy sequence with limit x, (y n )n is a Cauchy sequence with computable 
modulus of convergence and limit y. Note also that WhileCC* computability of y n (as 
a function of x and n) uses the WhileCC* computability of a. Hence we can define a 
WhileCC* procedure P : nat x u — > s with P A (n,x) equal to the set of all such y n , 
obtainable in this way from all possible implementations of the 'choose' operator. Hence 
F is computably approximable by P. 

We turn to a precise proof of the theorem. 
8.3 Proof of Theorem B 

First we show, from assumption (Hi), that F has a WhileCC* modulus of continuity, 
i.e., a function 

MC F : A u x N — ■» N 
such that dom(F) C dom(MCV), and for all x,y <E dom(F) and for all n, 

d(x,y) < 2 - MC ^,n) ^ d(F(x),F(y)) < 2" n . (1) 

A WhileCC* algorithm for this is easily constructed as follows (using the notation of 
Definition 8.1.1). With input x G A u and n: first find i such that 

xeB(a(h), 2~ h ). (2) 

(If x (jz dom(F), there may be no such i, and the algorithm for MCp(x,n) would then 
diverge, which is fine, from our viewpoint.) Note that the sequences (hi) and (/^) are 
computable, and also (by assumption (ii)) a is WhileCC* computable. We also use 
the primitive operations d and '<' (partial!) on R, as well as the 'choose' construct, in 
"finding" a suitable i. 

Next (by (2)) find a natural number do such that 



d(x, a(ki)) + 2~ do < 2~ h 



(3) 
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Here again we use the WhileCC* computability of a, and the primitive operations d, 
'+' and '< on R, as well as the 'choose' construct, to find a suitable do. 

From (2) and (3), 

B(x, 2~ d ") C B(a(ki), 2-'*). 

So define 

MCj?(x,n) := max(do, LUp(i, n)) 
which is WhileCC* computable, by the above remarks. 

Now we will describe (in pseudo- WhileCC* code) an algorithm for a WhileCC*- 
computable function 

G : Nx A u ^+ A S T 
which approximates F, in the sense that for all n and all x G dom(F), 

G n {x) C B(F(x), 2"") C A.. (4) 

With input n, x: 
(1°) Compute 

M := MC F (x, n+1). (5) 
(2°) We want to find some k such that both 

d(a(k), x) < 2~ M (6) 

and 

a(e CO n[fc]) = a(k) G dom(F). (7) 

Assume x G dom(F). By the density assumption (i) and openness assumption (iv), such 
a k exists. Further, by assumption, F has a computable strict o7-tracking function /. Then 
(7) is equivalent to 

/(econ[fc]) I • (8) 

So using the 'choose' construct again, search for some k satisfying both (6) and (8). (Note 
that in practice this 'choose' operation would be implemented by dovetailing — recall the 
discussion in §4.1.) 

(3°) Compute /(e con [ fc] ) | e'. By (7), e' G Q and 

F(a(k)) = F(a(econ[fc])) = a(/(e C on[fc])) = a(e'). 
Hence by (1), (5) and (6), 

d(F(x), a(e')) = d(F(x), F(a(k))) < 2""" 1 . (9) 
(4°) Finally compute 

y := a({e'}(n+l)) (10) 
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This is possible by assumption (ii) again. Then, since a o {e'} is a fast Cauchy sequence, 
d(y, a(e')) = d(a({e'}(n + 1)), a(e')) < 2~ n ~\ (11) 
Hence by (11) and (9), 

d(y,F(x)) < d(y,a(e')) + d(a(e'), F(x)) 
< 2" n_1 + 2 _n_1 
= 2 _n . 

Define G n (x) to be the set of all possible y computed as in (10), by all possible imple- 
mentations of the 'choose' construct as used in the above algorithm. Then G satisfies (4), 
and is WhileCC* computable, by the above discussion. □ 

9 Completeness of WhileCC* approximation 

Under certain assumptions, we can combine Theorems A and B into a single equivalence, 
Theorem C below. We will then look at several examples of metric algebras where our 
abstract and concrete models are equivalent according to this Theorem. 

9.1 Effective openness 

Note first the following problem: Theorem A concludes with 57-computability of F, whereas 
Theorem B assumes strong a-computability. To deal with this, we must make an assump- 
tion of "effective openness" of dom(F). This is handled by strengthening the "effective 
local uniform continuity" assumption, as follows. 

Assume, as before, that A is an N-standard metric Z'-algebra, (A, a) is an enumerated 
Z'-subspace of A, and (C a (A), a) is its computable closure in A. 

Definition 9.1.1 (a-effective openness). A subset U of A u (u a Z'-product type) is 
effectively open (with respect to a) if there is a recursive sequence 

(k Jo), (/ci,/i), (k 2 ,h), ... 

of pairs of naturals such that 



U = QB tt (a(fei), 2-'<). 



i=0 



Definition 9.1.2 (Strong a-effective local uniform continuity). A partial function 

F : A u — > A s is strongly effectively locally uniformly continuous (with respect to a) if 
there is a recursive sequence 



(k ,l ), (h,h), (k 2 ,h), 
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of pairs of naturals such that 

oo 

dom(F) = \jB u (a(ki), 2~ li ) (1) 

i=0 

and there is a total recursive function LUf : N — > N (a modulus of local uniform 
continuity for F) such that for all i, all x, y G H u (a(ki), 2~ li ), and all n: 

d(x,y) < 2~ LVf ^ =^ d{F(x),F(y)) < 2~ n . 

Remark 9.1.3. The only difference between effective local uniform continuity (Definition 
8.1.1) and the "strong" version above is the equality in equation (1). 

Let F : A u — > A s be a function on A. Then clearly: 

Lemma 9.1.4. Strong a-effective local uniform continuity of F implies a-effective open- 
ness of dom(F). 

Lemma 9.1.5. Suppose dom{F) is a-effectively open, and a is strictly S-effective. Then 
F is a-computable •<=>- F is strictly a-computable. 

Proof: (=>■) Note first that the assumptions imply that 

dorn^(F) = df (a)" 1 (dom(F)) = { e G | a(e) G dom(F) } 

is an r.e. (recursively or computably enumerable) subset of N, since for all e G N 

eedoiria(F) 3i[d(a(e),a(ki)) < 2~ h ] 

(in the notation of Definition 9.1.2) which is an r.e. condition, by strict a-computability 
of d and less rea | (implied by strict Z'-effectiveness of a). Hence, if / is a computable 
a-tracking function for F, it can be replaced by a strict a-tracking function /', defined by 

f /(e) if e G dom^F) 
/(e) ~ < 

[ t otherwise 

which is easily seen to be computable. □ 

Lemma 9.1.6. Suppose dom(F) is a-effectively open, and the mappings a s : N — > A s 
are WhileCC* computable. Then 

F is WhileCC* -approximable ^=^> F is strictly WhileCC* -approximable. 

(Recall Definition 3.5.1.) The proof is an easy exercise. 
9.2 Completeness 

We are ready to state the completeness theorem for WhileCC* approximability relative 
to a-computability. 
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Theorem C (Completeness). Let A be an N-standard metric L '-algebra, and (X, a) 
an enumerated Sort(£)-subspace. Suppose the enumerated Sort(E) -space (C a (X), a) of 
a-computable elements of A is a S-subalgebra of A. Assume also that for all U-sorts s, 

(i) a is strictly ^-effective, 

(ii) X s is dense in A s , and 

(Hi) a s : N — > A s is WhileCC* -computable on A. 

Let F : A u — > A s be a function on A, such that 

(iv) F is strongly effectively locally uniformly continuous w.r.t. a. 

Then 

F is (strictly) WhileCC* approximable on A •<=>- F is (strictly) a-computable on A. 

Note that the word "strictly" in the equivalence may be omitted or inserted in either side 
at will. 

Proof: From Theorems A and B, together with Lemmas 9.1.4, 9.1.5 and 9.1.6. 

9.3 Examples of the application of the Completeness Theorem 
(a) Canonical enumerations 

The purpose of this example is to make plausible condition (Hi) of Theorem C (and, of 
course, condition (ii) of Theorem B in Section 8), i.e., the assumption of WhileCC* 
computability of the enumeration a, by describing a commonly occurring situation which 
implies it. 

Suppose (X, a) is an enumerated Z'-subalgebra of A. 

Definition 9.3.1. The enumeration a: N -» X is effectively determined by a system of 
generators G = (g^ g{, #f , . . .) s£ Sort(z) if ' and onl y if ' 

(i) G generates X as a I7-subalgebra of A; 

(ii) a is defined as the composition of the maps 

enumx; eval G 
N Term(U) X 

where enum^ is the inverse of the Godel numbering of Term(E), and eval G is the 
term evaluation induced by G, i.e., 

eval G (t) = \t\a G , 

where a G is the state defined by 
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for some standard enumeration xg, xf , x|, . . . of the Z 1 - variables of sort s; and 

(Hi) if, for any Z'-sort s, the sequence (<7q, g{ , g%, ■ ■ ■) is finite, then each gf is a ^-constant, 
whereas if this sequence is infinite, then the map i i— > gf is a Z'-function. 

An enumeration constructed in this way is called canonical w.r.t. G. 

Remark 9.3.2 (Totality of evalc). We assume here that evalo (and hence a) is total. 
This is achieved by assuming that either 

(i) A is total, or 

(ii) Term(S) is replaced by some decidable subset Term'(S) on which eval G is total 
(for example, omitting all terms involving division by 0). 

Either one of these assumptions holds in each of the following examples; for example, (i) 
holds in example (b) below, and (ii) in example (c), resulting in the same "canonical" 
enumeration a of Q in both cases (even though the algebras are different). 

Proposition 9.3.3. If a is effectively determined by a system of generators, then the 
canonical enumerations ct s are While* computable for all £ -sorts s. 

Proof: This follows from the While* computability of term evaluation [TZ00, Cor. 
4.7]. □ 

The significance of the above definition and proposition is this: it is quite common 
for an enumeration to be effectively determined by a system of generators; and in such 
a situation, condition (ii) in Theorem B, and (Hi) in Theorem C, will be (more than) 
satisfied. This will be the case in the following examples. 

(6) Partial real algebra 

Recall the example (7.1.5) of the enumeration ct of Q as a subspace of the N-standardised 
metric algebra 1Z N of reals (Examples 2.5.3(6) and 2.6.1) and the corresponding enumer- 
ation a of the set C Q (Q) of recursive reals. Note that a is canonical, being effectively 
determined by the generators {0, 1}, and is hence While* computable over 1Z. Further, Q 
is dense in R, C Q (Q) is a subfield of R, and a is strictly I7(7£)-effective. We then have, as 
a corollary to Theorem C: 

Corollary 9.3.4. Suppose F: R n — ► R is strongly effectively locally uniformly contin- 
uous. Then 

F is (strictly) WhileCC* -approximable on 1Z N 

^=^> F is (strictly) a-computable on R. 

Examples of functions satisfying the assumption (and also the equivalence) are all the 
common (partial) functions of elementary calculus, such as 1/x, logx and tana;. 
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(c) Banach spaces with countable bases 



Let X be a Banach space over R with a countable basis eo, ei, e2, 
any element x G X can be represented uniquely as an infinite sum 



which means that 



x 



= E 



with coefficients 6 t (where the infinite sum is understood as denoting convergence of 
the partial sums in the norm of X). (Background on Banach space theory can be found 
in any of the standard texts, e.g., [Roy63, TL80].) To program with X, we construct a 
many-sorted algebra X of the form 



algebra 
import 
carriers 
functions 



end 



X 

n N 
x 

0: 
+ 



X 2 -X, 
X -> X, 

|| • || : A" — > R 
e: N -> X, 
ifx : B x X 2 - 







where is scalar multiplication, || • || is the norm function and and e is the enumeration 
of the basis: e(i) = e^. Note that the algebras B and M are implicitly imported, as parts 
of 1Z N , so that there are four carriers: X, R, B and N, of sorts vector, scalar, bool and 
nat respectively. 

Let E = E(X). Let Eq be E without the norm function || • ||, and let Xq be the reduct 
of X to Eq. Then Eq is the signature of an N-standardised vector space over R, with 
explicit countable basis. 

This can be turned into a metric algebra in the standard way, by defining a distance 
function on X in terms of the norm: 

d(x,y) = df ||x-y||. 



Let L(Q, e) C X be the set of all finite linear combinations of basis elements from e 
with coefficients in Q. The following are easily shown: 

• L(Q, e) is countable; in fact it has a canonical enumeration 

a: N -» L(Q,e) 

w.r.t. the generators e, which (by (a) above) is While* computable; 
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• L(Q, e) is dense in X; 

• L(Q, e), with scalar field Q (together with carriers N and B) is a Zo-subalgebra of 

Xq. 

Now let (C a (L(Q, e)), a) be the enumerated subspace of a-computable vectors. Then we 
can see that 

• C a (L(Q, e)), with scalar field C a (Q) (together with carriers N and B) is also a Eq- 
subalgebra of Xq; and moreover, 

• a is strictly Ineffective. 

However C a (L(Q, e)) is not necessarily a normed subspace of X , since it may not be closed 
under || ■ ||, i.e., \\x\\ may not be in C a (Q) for all x G C a (L(Q, e)); for example, if X is 
the space £ p or L p [0, 1] where p is a nonrecursive real (see Examples 9.3.8 below). We 
must therefore make an explicit assumption for the Banach space (X, || ■ ||) with respect 
to both the closure of C a (L(Q, e)) under || ■ ||, and the a-computability of || ■ ||. 

Assumption 9.3.5 (a-computable norm assumption for {X, \\ ■ ||)). 

For all x G C Q (L(Q, e)), ||x|| G C Q (Q). Furthermore, the norm function || • || is strictly 

a-computable. 

As we will see, many common examples of Banach spaces satisfy this assumption. 

Note that ssumption 9.3.5 is equivalent to the following (apparently weaker) assumption, 
which is often easier to prove: 



Assumption 9.3.6 ((a, o7)-computable norm assumption for (X, \\ ■ ||)). For all 
x G L(Q, e), ||x|| G C Q (Q). Further, || • || has a computable (a, a)-tracking function, i.e., 
a computable function f : N — > N such that the following diagram commutes: 



L(Q,e) 



r 



a 



a 



N 



/ 
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Suppose now that (X, || ■ ||) satisfies the a-computable norm assumption. Then the Uq- 
subalgebra C a (L(Q, e)) of X can be expanded to a Z'-subalgebra of X (which we will 
also write as C a (L(Q, e))), enumerated by 57, which is strictly Z'-effective. 

Now let F: X — > R be a (total) linear functional on X. F is said to be bounded if for 
some real M, 

\F(x)\ < M\\x\\ for all x G X. (1) 
Write ||F|| for the least M for which (1) holds. Then if F is bounded, 

\F(x) — F(y)\ < \\F\\ ■ \\x — y\\ for all x, y G X, 
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and so F is uniformly continuous, in fact it is clearly effectively locally uniformly continu- 
ous, and strongly so (since it is total). We may therefore apply Theorem C to F. 

Corollary 9.3.7 (Completeness for computation on Banach spaces). Let X be 

a Banach space over R with countable basis, and let C Q (L(Q, e)) be the enumerated 
subspace of a-computable vectors, where a is a canonical enumeration of the subspace 
L(Q, e). Suppose (X, || ■ ||) satisfies the (a, a) -computable norm assumption. Then for 
any bounded linear functional F on X , 

F is (strictly) WhileCC* approximable on X F is (strictly) a-computable on X, 

where X is the N-standard algebra formed from X as above. 

Finally we give examples of Bananch spaces which satisfy this a-computable norm 
assumption. 

Examples 9.3.8 (Banach spaces with computable norms). 

(i) For 1 < p < oo, we have the space t p of all sequences x = {x n )'^L Q of reals such that 
12^=0 \ x n\ p < 00 7 with norm defined by 

oo 

ll^llp = ( ^ ^ \ x n | P ) ? 

n=0 

and a countable basis given by ei = (ei >n )^ , where 

f 1 if % = n, 
\ otherwise. 

It is not hard to see that 

if p is a recursive real, then £ p satisfies the computable norm assumption, 

and hence Corollary 9.3.7 can be applied to it. 

(ii) For 1 < p < oo, we have the space L p [0, 1] of all Lebesgue measurable functions / 
on the unit interval [0, 1] such that J Q \f\ p < oo, with norm defined by 

imip = ( f\f\ p ) 1,p , 

Jo 

and a countable basis given by (e.g.) some standard enumeration of all step functions 
on [0, 1] with rational values and (finitely many) rational points of discontinuity, or 
of all polynomial functions on [0, 1] with rational coefficients. Again, it is not hard 
to see that 

ifp is a recursive real, then L p [0, 1] satisfies the computable norm assumption, 
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and hence Corollary 9.3.7 can be applied to it. 
(Hi) The space C[0, 1] of all continuous functions / on [0, 1], with norm defined by 

H/IU = BU P |/(f)| 

tei 

and a countable basis given by a standard enumeration of all zig-zag functions on [0, 1] 
with (finitely many) turning points with rational coordinates, or of all polynomial 
functions on [0, 1] with rational coefficients. Again, we see that 

C[0, 1] satisfies the computable norm assumption. 

10 Conclusion 

We have compared two theories of computable functions on topological algebras, one based 
on an abstract, high level model of programming and another based on a concrete, low- level 
implementation model. Our examples and results here, combined with our earlier results 

[TZ99, TZ00] and those of Brattka [Bra96, Bra99], show that the following are surprisingly 
necessary features of a comprehensive theory of computation on topological algebras: 

1. The algebras have partial operations. 

2. Functions are both continuous and multivalued. 

3. Classical algorithms in analysis require nondeterministic constructs for their proper 
expression in programming languages. 

4. Indeed, multivalued subfunctions are needed to compute even single-valued functions, 
and abstract models must be nondeterministic even to compute deterministic problems. 

5. Abstract models and effective approximations by abstract models are generally sound 
for concrete models. 

6. Abstract models even with approximation or limit operators are adequate to capture 
concrete models only in special circumstances. 

7. Nevertheless there are interesting examples where equivalence holds. 

8. The classical computable functions of analysis can be characterised by abstract models 
of computation. 

Specifically, we examined abstract computation by the basic imperative model of ' while'- 
array programs. Many algorithms in practical computation are presented in pseudo-code 
based on the 'while' language. To meet the requirement of feature 2 above we added the 
simplest form of countable choice to the assignments of the language, and we defined the 
WhileCC* approximable computations. We proved a Soundness Theorem (Theorem A) 
and an Adequacy Theorem (Theorem B), and combined these into a Completeness Theo- 
rem (Theorem C), in the case of metric algebras with partial operations. We considered 
algebras of real numbers and Banach spaces where equivalence theorems hold. 

There are, of course, interesting technical questions to answer in working out the details 
of the computability theory for the WhileCC* model (cf. the theory for single-valued 
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functions on total algebras in [TZOO]). There are several other important abstract models 
of computation that may be extended with nondeterminsitic constructs in order to establish 
equivalence with concrete models. The abstract model of schemes in [Bra99] is quite general 
in a number of ways. The topological properties of many valued functions are also in need 
of investigation. 

However, returning to the general problem posed in the Introduction, the features 1-8 
above suggest that new research directions are needed to develop a comprehensive theory 
of specification, computation and reasoning with infinite data. What are the appropriate 
programming constructs for working with topological computations? What specification 
techniques are appropriate for continuous systems? What logics are needed to support 
verification of programs that approximate functions? Our work on computation suggests 
that some advanced semantic features are necessary. It suggests that the nondeterminism 
that played an important role in programming methodologies of the late 1970s (e.g., [Dij76] 
seems to be needed in the proper development of topological programming. There are 
plenty of algorithms in scientific modelling, numerical analysis and graphics to investigate, 
using such new theoretical tools. 
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